[Git][security-tracker-team/security-tracker][master] CVE-2020-828{4,5,6}/curl fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Thu Dec 31 17:01:34 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
54ad6c4f by Salvatore Bonaccorso at 2020-12-31T18:01:09+01:00
CVE-2020-828{4,5,6}/curl fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60746,18 +60746,18 @@ CVE-2020-8287
 	RESERVED
 CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...)
 	{DLA-2500-1}
-	- curl <unfixed> (bug #977161)
+	- curl 7.74.0-1 (bug #977161)
 	NOTE: https://curl.se/docs/CVE-2020-8286.html
 	NOTE: https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199 (curl-7_74_0)
 CVE-2020-8285 (curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recu ...)
 	{DLA-2500-1}
-	- curl <unfixed> (bug #977162)
+	- curl 7.74.0-1 (bug #977162)
 	NOTE: https://curl.se/docs/CVE-2020-8285.html
 	NOTE: https://github.com/curl/curl/issues/6255
 	NOTE: https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d (curl-7_74_0)
 CVE-2020-8284 (A malicious server can use the FTP PASV response to trick curl 7.73.0  ...)
 	{DLA-2500-1}
-	- curl <unfixed> (bug #977163)
+	- curl 7.74.0-1 (bug #977163)
 	NOTE: https://curl.se/docs/CVE-2020-8284.html
 	NOTE: https://github.com/curl/curl/commit/ec9cc725d598ac77de7b6df8afeec292b3c8ad46 (curl-7_74_0)
 CVE-2020-8283 (An authorised user on a Windows host running Citrix Universal Print Se ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54ad6c4fb206b3ba9198169cbcbc748b09b340bc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54ad6c4fb206b3ba9198169cbcbc748b09b340bc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201231/6f09e92a/attachment.html>

More information about the debian-security-tracker-commits mailing list