[Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream commit for CVE-2020-11061/bareos

Salvatore Bonaccorso carnil at debian.org
Mon Aug 24 15:53:01 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d02146dc by Salvatore Bonaccorso at 2020-08-24T16:51:15+02:00
Reference upstream commit for CVE-2020-11061/bareos

- - - - -
413d37a2 by Salvatore Bonaccorso at 2020-08-24T16:52:37+02:00
Reference upstream commit for CVE-2020-4042/bareos

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31110,6 +31110,7 @@ CVE-2020-11061 (In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8
 	[stretch] - bareos <no-dsa> (minor issue, low priority)
 	NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4
 	NOTE: https://bugs.bareos.org/view.php?id=1210
+	NOTE: https://github.com/bareos/bareos/commit/86c6fa479a21a1464366babb74e6cf33770ed7ae (master)
 CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by abusi ...)
 	- glpi <removed> (unimportant)
 	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f
@@ -48810,6 +48811,7 @@ CVE-2020-4042 (Bareos before version 19.2.8 and earlier allows a malicious clien
 	[stretch] - bareos <no-dsa> (minor issue, low priority)
 	NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752
 	NOTE: https://bugs.bareos.org/view.php?id=1250
+	NOTE: https://github.com/bareos/bareos/commit/93f2db6451a684fbb224a7d24cdd85e77b2b51fc (master)
 CVE-2020-4041 (In Bolt CMS before version 3.7.1, the filename of uploaded files was v ...)
 	NOT-FOR-US: Bolt CMS
 CVE-2020-4040 (Bolt CMS before version 3.7.1 lacked CSRF protection in the preview ge ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ded2c43cce3649797f540dcf19b7099d956b9258...413d37a20342a1eff91fd01e72cb6d0469fd9e84

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ded2c43cce3649797f540dcf19b7099d956b9258...413d37a20342a1eff91fd01e72cb6d0469fd9e84
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200824/b16817b3/attachment.html>

More information about the debian-security-tracker-commits mailing list