[Git][security-tracker-team/security-tracker][master] 2 commits: add upstream patch for CVE-2020-1934

Thorsten Alteholz alteholz at debian.org
Thu Apr 30 09:53:07 BST 2020 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2145063 by Thorsten Alteholz at 2020-04-30T10:52:53+02:00
add upstream patch for CVE-2020-1934

- - - - -
97a19bf2 by Thorsten Alteholz at 2020-04-30T10:52:54+02:00
add upstream patch for CVE-2020-1927

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27422,6 +27422,7 @@ CVE-2020-1934 (In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use unin
 	[stretch] - apache2 <no-dsa> (Minor issue)
 	[jessie] - apache2 <ignored> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1934
+	NOTE: Upstream patch: https://svn.apache.org/viewvc?view=revision&revision=1873745
 CVE-2020-1933 (A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Maliciou ...)
 	NOT-FOR-US: Apache NiFi
 CVE-2020-1932 (An information disclosure issue was found in Apache Superset 0.34.0, 0 ...)
@@ -27448,6 +27449,7 @@ CVE-2020-1927 (In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with
 	[stretch] - apache2 <no-dsa> (Minor issue)
 	[jessie] - apache2 <ignored> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927
+	NOTE: Upstream patch: https://svn.apache.org/viewvc?view=revision&revision=1864213
 CVE-2020-1926
 	RESERVED
 CVE-2020-1925 (Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperI ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8ab79274f25738cb59e53233bd5905c9fdde8828...97a19bf2ae85d033e0b6e28509e922f85378a81b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8ab79274f25738cb59e53233bd5905c9fdde8828...97a19bf2ae85d033e0b6e28509e922f85378a81b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200430/82736041/attachment.html>

More information about the debian-security-tracker-commits mailing list