[Git][security-tracker-team/security-tracker][master] commons-configuration2 spu

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29a76a70 by Moritz Muehlenhoff at 2020-07-25T15:11:02+02:00
commons-configuration2 spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -37042,7 +37042,7 @@ CVE-2020-1954 (Apache CXF has the ability to integrate with JMX by registering a
 	NOT-FOR-US: Apache CXF
 CVE-2020-1953 (Apache Commons Configuration uses a third-party library to parse YAML  ...)
 	- commons-configuration2 2.7-1 (bug #954713)
-	[buster] - commons-configuration2 <no-dsa> (Minor issue)
+	[buster] - commons-configuration2 <no-dsa> (Minor issue, will be fixed via spu)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/13/1
 CVE-2020-1952 (An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. W ...)
 	NOT-FOR-US: Apache IoTDB


=====================================
data/next-point-update.txt
=====================================
@@ -202,3 +202,5 @@ CVE-2020-10378
 	[buster] - pillow 5.4.1-2+deb10u2
 CVE-2020-10177
 	[buster] - pillow 5.4.1-2+deb10u2
+CVE-2020-1953
+	[buster] - commons-configuration2 2.2-1+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29a76a70728a0a6266dd151c6e6b8df8b0071820

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29a76a70728a0a6266dd151c6e6b8df8b0071820
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200725/d51c5130/attachment-0001.html>