[Git][security-tracker-team/security-tracker][master] Add CVE-2020-1080{2,3,4}/phpmyadmin

Sun Mar 22 08:22:35 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8df2832 by Salvatore Bonaccorso at 2020-03-22T09:22:00+01:00
Add CVE-2020-1080{2,3,4}/phpmyadmin

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,18 @@
 CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
-	TODO: check
+	- phpmyadmin <unfixed>
+	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-2/
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80
 CVE-2020-10803 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
-	TODO: check
+	- phpmyadmin <unfixed>
+	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-4/
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/2489837213b90664aceebe4c9ac641bf167b8a97
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/46a7aa7cd4ff2be0eeb23721fbf71567bebe69a5
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6b9b2601d8af916659cde8aefd3a6eaadd10284a
 CVE-2020-10802 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
-	TODO: check
+	- phpmyadmin <unfixed>
+	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-3/
+	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/a8acd7a42cf743186528b0453f90aaa32bfefabe
 CVE-2020-10801
 	RESERVED
 CVE-2020-10800 (lix through 15.8.7 allows man-in-the-middle attackers to execute arbit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8df28321619846a0984f334f6cef0d18da61141

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8df28321619846a0984f334f6cef0d18da61141
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200322/3982e557/attachment.html>
