[Git][security-tracker-team/security-tracker][master] Link upstream announcemnt and release notes for CVE-2020-17510/shiro

[Roberto C. Sánchez]

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
882a8b9e by Roberto C. Sánchez at 2020-12-22T20:51:08-05:00
Link upstream announcemnt and release notes for CVE-2020-17510/shiro

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35035,6 +35035,8 @@ CVE-2020-17511 (In Airflow versions prior to 1.10.13, when creating a user using
 CVE-2020-17510 (Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a spec ...)
 	- shiro <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/7
+	NOTE: https://lists.apache.org/thread.html/rc2cff2538b683d480426393eecf1ce8dd80e052fbef49303b4f47171%40%3Cdev.shiro.apache.org%3E
+	NOTE: https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12349284&styleName=Text&projectId=12310950
 CVE-2020-17509 [ATS negative cache option is vulnerable to a cache poisoning attack]
 	RESERVED
 	{DSA-4805-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/882a8b9e179a76e98258bb2985a6718b9a9a9ebc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/882a8b9e179a76e98258bb2985a6718b9a9a9ebc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201223/d679fb04/attachment.html>