[Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-1753/ansible
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 17 17:44:19 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d2d56c75 by Salvatore Bonaccorso at 2020-03-17T18:43:48+01:00
Add information on CVE-2020-1753/ansible
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21961,7 +21961,12 @@ CVE-2020-1754
RESERVED
CVE-2020-1753 (A security flaw was found in Ansible Engine, all Ansible 2.7.x version ...)
- ansible <unfixed>
+ [stretch] - ansible <not-affected> (Vulnerable code introduced later)
+ [jessie] - ansible <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1811008
+ NOTE: https://github.com/ansible-collections/kubernetes/pull/51
+ NOTE: Fixing commit only introduces a warning about disclosure when using certain
+ NOTE: options.
CVE-2020-1752 [use-after-free in glob() function when expanding ~user]
RESERVED
- glibc <unfixed> (bug #953788)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2d56c75070006b557413107b2815e69c3e6d3d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2d56c75070006b557413107b2815e69c3e6d3d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200317/697b2c07/attachment.html>
More information about the debian-security-tracker-commits
mailing list