[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-20444

Salvatore Bonaccorso carnil at debian.org
Sat Feb 8 20:45:08 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
370851b3 by Salvatore Bonaccorso at 2020-02-08T21:43:26+01:00
Add Debian bug reference for CVE-2019-20444

- - - - -
5c97c854 by Salvatore Bonaccorso at 2020-02-08T21:44:23+01:00
Add Debian bug reference for CVE-2019-20445 (and CVE-2020-7238)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -814,13 +814,13 @@ CVE-2020-8434
 CVE-2020-8433
 	RESERVED
 CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length  ...)
-	- netty <unfixed>
+	- netty <unfixed> (bug #950967)
 	- netty-3.9 <removed>
 	NOTE: https://github.com/netty/netty/issues/9861
 	NOTE: https://github.com/netty/netty/commit/8494b046ec7e4f28dbd44bc699cc4c4c92251729 (4.1)
 	NOTE: https://github.com/netty/netty/commit/5f68897880467c00f29495b0aa46ed19bf7a873c (tests)
 CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...)
-	- netty <unfixed>
+	- netty <unfixed> (bug #950966)
 	- netty-3.9 <removed>
 	NOTE: https://github.com/netty/netty/issues/9866
 	NOTE: https://github.com/netty/netty/commit/a7c18d44b46e02dadfe3da225a06e5091f5f328e (4.1)
@@ -3454,7 +3454,7 @@ CVE-2019-20383
 CVE-2019-20382
 	RESERVED
 CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles ...)
-	- netty <unfixed>
+	- netty <unfixed> (bug #950967)
 	- netty-3.9 <removed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1796225
 	NOTE: https://github.com/jdordonezn/CVE-2020-72381/issues/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9b998114a97dced4120c3a70ff9f0ef7647800ed...5c97c8545dbb9885e05aba59e3b3f562fd958fa9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9b998114a97dced4120c3a70ff9f0ef7647800ed...5c97c8545dbb9885e05aba59e3b3f562fd958fa9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200208/abf25a72/attachment.html>

More information about the debian-security-tracker-commits mailing list