[Git][security-tracker-team/security-tracker][master] CVE-2020-11724/nginx: ngx_lua new smuggling regression tests fail in nginx/stretch
Sylvain Beucler
beuc at debian.org
Sat Jul 11 17:23:13 BST 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
22b32959 by Sylvain Beucler at 2020-07-11T18:22:41+02:00
CVE-2020-11724/nginx: ngx_lua new smuggling regression tests fail in nginx/stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10603,7 +10603,6 @@ CVE-2020-11724 (An issue was discovered in OpenResty before 1.15.8.4. ngx_http_l
NOTE: https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa (ngx_lua 0.10.17, with tests)
NOTE: https://github.com/openresty/openresty/commit/4e8b4c395f842a078e429c80dd063b2323999957 (ngx_lua 0.10.15)
NOTE: nginx packages include ngx_lua in debian/modules/
- TODO: check details (patch applies to src:nginx, but check if issue is specific to OpenResty before 1.15.8.4)
CVE-2020-11725 (** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux k ...)
- linux <unfixed>
NOTE: https://twitter.com/yabbadabbadrew/status/1248632267028582400
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22b3295914d033fecd6a471bddfb0cf0e0d29391
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22b3295914d033fecd6a471bddfb0cf0e0d29391
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200711/2dd4a064/attachment.html>
More information about the debian-security-tracker-commits
mailing list