[Git][security-tracker-team/security-tracker][master] mutt: Replace morror gitrepository urls with the actually main repository
Salvatore Bonaccorso
carnil at debian.org
Fri Jun 19 07:26:37 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aeb241c5 by Salvatore Bonaccorso at 2020-06-19T08:26:04+02:00
mutt: Replace morror gitrepository urls with the actually main repository
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,6 +1,6 @@
CVE-2020-XXXX [MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP]
- mutt 1.14.4-1
- NOTE: https://github.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
+ NOTE: https://gitlab.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
CVE-2020-14446 (An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO ...)
NOT-FOR-US: WSO2 Identity Server
CVE-2020-14445 (An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 ...)
@@ -624,9 +624,9 @@ CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a lar
CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in response to ...)
- mutt 1.14.3-1
NOTE: http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html
- NOTE: https://github.com/muttmua/mutt/commit/bb0e6277a45a5d4c3a30d3b968eeb31d78124e95
- NOTE: https://github.com/muttmua/mutt/commit/5fccf603ebcf352ba783136d6b2d2600d811fb3b
- NOTE: https://github.com/muttmua/mutt/commit/f64ec1deefb67d471a642004e102cd1c501a1db3
+ NOTE: https://gitlab.com/muttmua/mutt/commit/bb0e6277a45a5d4c3a30d3b968eeb31d78124e95
+ NOTE: https://gitlab.com/muttmua/mutt/commit/5fccf603ebcf352ba783136d6b2d2600d811fb3b
+ NOTE: https://gitlab.com/muttmua/mutt/commit/f64ec1deefb67d471a642004e102cd1c501a1db3
CVE-2020-14153 (In IJG JPEG (aka libjpeg) before 9d, jdhuff.c has an out-of-bounds arr ...)
TODO: check
CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ...)
@@ -774,7 +774,7 @@ CVE-2017-18869 (A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10
NOTE: https://snyk.io/vuln/npm:chownr:20180731
CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attac ...)
- mutt 1.14.3-1 (bug #962897)
- NOTE: https://github.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
+ NOTE: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
CVE-2020-14092
RESERVED
CVE-2020-14091
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeb241c5f3a88b61608d2868d5461aca1538ffd5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeb241c5f3a88b61608d2868d5461aca1538ffd5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200619/d5221b7a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list