[Git][security-tracker-team/security-tracker][master] Track fixed version via new upstream version for CVE-2020-27195 and CVE-2020-28348 (nomad)
Salvatore Bonaccorso
carnil at debian.org
Wed Dec 9 05:21:11 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dc715636 by Salvatore Bonaccorso at 2020-12-09T06:20:28+01:00
Track fixed version via new upstream version for CVE-2020-27195 and CVE-2020-28348 (nomad)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4108,7 +4108,7 @@ CVE-2020-28350 (A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sok
CVE-2020-28349 (** DISPUTED ** An inaccurate frame deduplication process in ChirpStack ...)
NOT-FOR-US: ChirpStack Network Server
CVE-2020-28348 (HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker ...)
- - nomad <unfixed> (bug #976593)
+ - nomad 0.10.9+dfsg1-1 (bug #976593)
NOTE: https://github.com/hashicorp/nomad/issues/9303
CVE-2020-28347 (tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows rem ...)
NOT-FOR-US: TP-Link
@@ -8874,7 +8874,7 @@ CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in Eclect
CVE-2020-27196 (An issue was discovered in PlayJava in Play Framework 2.6.0 through 2. ...)
NOT-FOR-US: Play Framework
CVE-2020-27195 (HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client ...)
- - nomad <unfixed> (bug #972795)
+ - nomad 0.10.9+dfsg1-1 (bug #972795)
NOTE: https://github.com/hashicorp/nomad/issues/9129
NOTE: https://github.com/hashicorp/nomad/commit/a8ea7c5f421297db434b45046fca7a9deef6df85 (0.12.6)
CVE-2020-27193 (A cross-site scripting (XSS) vulnerability in the Color Dialog plugin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc715636fa8982721e9c59183ae57905d4c3c6a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc715636fa8982721e9c59183ae57905d4c3c6a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201209/d014f6d2/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list