[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-5260/git

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06dae135 by Salvatore Bonaccorso at 2020-04-14T17:25:37+02:00
Add CVE-2020-5260/git

- - - - -
2b52f9f7 by Salvatore Bonaccorso at 2020-04-14T20:25:30+02:00
Merge branch 'embargoed/git-CVE-2020-5260'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15380,6 +15380,11 @@ CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package Sustains
 	NOT-FOR-US: ASP.NET
 CVE-2020-5260
 	RESERVED
+	- git <unfixed>
+	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
+	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=17f1c0b8c7e447aa62f85dc355bb48133d2812f2
+	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c716fe4bd917e013bf376a678b3a924447777b2d
+	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=07259e74ec1237c836874342c65650bdee8a3993
 CVE-2020-5259 (In affected versions of dojox (NPM package), the jqMix method is vulne ...)
 	{DLA-2139-1}
 	- dojo 1.15.3+dfsg1-1 (bug #953587)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a26f4d82374518ca166fbf1c2e2cec5648226cc1...2b52f9f78dfff305097de0dc4b60bb78e7986d5a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a26f4d82374518ca166fbf1c2e2cec5648226cc1...2b52f9f78dfff305097de0dc4b60bb78e7986d5a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200414/d7e20191/attachment.html>