[Git][security-tracker-team/security-tracker][master] Add CVE-2020-863{1,2}/cloud-init
Salvatore Bonaccorso
carnil at debian.org
Wed Feb 5 20:25:39 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f505fb18 by Salvatore Bonaccorso at 2020-02-05T21:25:00+01:00
Add CVE-2020-863{1,2}/cloud-init
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,9 +15,13 @@ CVE-2020-8634
CVE-2020-8633
RESERVED
CVE-2020-8632 (In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...)
- TODO: check
+ - cloud-init <unfixed>
+ NOTE: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795
+ NOTE: https://github.com/canonical/cloud-init/pull/189
CVE-2020-8631 (cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...)
- TODO: check
+ - cloud-init <unfixed>
+ NOTE: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795
+ NOTE: https://github.com/canonical/cloud-init/pull/204
CVE-2020-8630
RESERVED
CVE-2020-8629
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f505fb18653c494a9d3182575202dd5307846b4d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f505fb18653c494a9d3182575202dd5307846b4d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200205/450a3215/attachment.html>
More information about the debian-security-tracker-commits
mailing list