[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-5260/git
Salvatore Bonaccorso
carnil at debian.org
Tue Apr 14 19:26:44 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06dae135 by Salvatore Bonaccorso at 2020-04-14T17:25:37+02:00
Add CVE-2020-5260/git
- - - - -
2b52f9f7 by Salvatore Bonaccorso at 2020-04-14T20:25:30+02:00
Merge branch 'embargoed/git-CVE-2020-5260'
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15380,6 +15380,11 @@ CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package Sustains
NOT-FOR-US: ASP.NET
CVE-2020-5260
RESERVED
+ - git <unfixed>
+ NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
+ NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=17f1c0b8c7e447aa62f85dc355bb48133d2812f2
+ NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c716fe4bd917e013bf376a678b3a924447777b2d
+ NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=07259e74ec1237c836874342c65650bdee8a3993
CVE-2020-5259 (In affected versions of dojox (NPM package), the jqMix method is vulne ...)
{DLA-2139-1}
- dojo 1.15.3+dfsg1-1 (bug #953587)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a26f4d82374518ca166fbf1c2e2cec5648226cc1...2b52f9f78dfff305097de0dc4b60bb78e7986d5a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a26f4d82374518ca166fbf1c2e2cec5648226cc1...2b52f9f78dfff305097de0dc4b60bb78e7986d5a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200414/d7e20191/attachment.html>
More information about the debian-security-tracker-commits
mailing list