[Git][security-tracker-team/security-tracker][master] 2 commits: Track patchset for CVE-2020-10648/u-boot

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d3b4836 by Salvatore Bonaccorso at 2020-04-15T21:55:04+02:00
Track patchset for CVE-2020-10648/u-boot

- - - - -
20e670b6 by Salvatore Bonaccorso at 2020-04-15T21:55:34+02:00
Track fixed version for CVE-2020-10648/u-boot via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3062,12 +3062,13 @@ CVE-2019-20510
 CVE-2020-10649 (DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10  ...)
 	NOT-FOR-US: ASUS Device Activation
 CVE-2020-10648 (Das U-Boot through 2020.01 allows attackers to bypass verified boot re ...)
-	- u-boot <unfixed>
+	- u-boot 2020.04+dfsg-1
 	[buster] - u-boot <no-dsa> (Minor issue)
 	[stretch] - u-boot <no-dsa> (Minor issue)
 	[jessie] - u-boot <ignored> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2020/03/18/5
 	NOTE: https://labs.f-secure.com/advisories/das-u-boot-verified-boot-bypass/
+	NOTE: https://lists.denx.de/pipermail/u-boot/2020-March/403409.html
 CVE-2020-10647
 	RESERVED
 CVE-2020-10646 (Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a h ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64c67aae35c5cf459428003620ac8c84d8a59f97...20e670b61e8f80ba4c00f14766413b75fd2e790d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64c67aae35c5cf459428003620ac8c84d8a59f97...20e670b61e8f80ba4c00f14766413b75fd2e790d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200415/0407e72f/attachment.html>