[Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-1938/tomcat8

Salvatore Bonaccorso carnil at debian.org
Mon Feb 24 15:48:05 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
325f11c1 by Salvatore Bonaccorso at 2020-02-24T16:47:02+01:00
Add upstream commits for CVE-2020-1938/tomcat8

Important note for reviewers, from the list one commit is missing which
is listed in the
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51
page (but does not seem valid).

Thus this needs another check.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18122,6 +18122,11 @@ CVE-2020-1938 [Tomcat AJP local file inclusion "ghostcat"]
 	NOTE: https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad (9.0.31)
 	NOTE: https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957 (9.0.31)
 	NOTE: https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153 (9.0.31)
+	NOTE: https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150 (8.5.51)
+	NOTE: https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75 (8.5.51)
+	NOTE: https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5 (8.5.51)
+	NOTE: https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19 (8.5.51)
+	NOTE: https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23 (8.5.51)
 CVE-2020-1937
 	RESERVED
 	NOT-FOR-US: Apache Kylin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/325f11c11fcaeef7fb32e17fcb6d074f365d83f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/325f11c11fcaeef7fb32e17fcb6d074f365d83f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200224/7eae5965/attachment.html>

More information about the debian-security-tracker-commits mailing list