[Git][security-tracker-team/security-tracker][master] refpolicy n/a

Mon Aug 31 09:53:02 BST 2020


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5fdb6d1 by Moritz Muehlenhoff at 2020-08-31T10:52:43+02:00
refpolicy n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -850,7 +850,9 @@ CVE-2020-24613 (wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_
 	- wolfssl <unfixed>
 	NOTE: https://research.nccgroup.com/2020/08/24/technical-advisory-wolfssl-tls-1-3-client-man-in-the-middle-attack/
 CVE-2020-24612 (An issue was discovered in the selinux-policy (aka Reference Policy) p ...)
-	TODO: check
+	- refpolicy <not-affected> (Debian package doesn't ship pam-u2f config)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860888
+	NOTE: https://github.com/fedora-selinux/selinux-policy/commit/71e1989028802c7875d3436fd3966c587fa383fb
 CVE-2020-24611
 	RESERVED
 CVE-2020-24610



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5fdb6d1041a88fc9c5b60da6ae87e9e7a96e35e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5fdb6d1041a88fc9c5b60da6ae87e9e7a96e35e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200831/73e5f546/attachment.html>
