[Git][security-tracker-team/security-tracker][master] Mark jessie as not-affected by CVE-2020-10804
William Desportes
gitlab at salsa.debian.org
Sun Mar 22 13:03:32 GMT 2020
William Desportes pushed to branch master at Debian Security Tracker / security-tracker
Commits:
70f09da3 by William Desportes at 2020-03-22T14:03:03+01:00
Mark jessie as not-affected by CVE-2020-10804
I did the research in the GIT history and in the code of latest jessie version and could not find anything (obviously)
The vulnerabilities where introduced in 4.5.x and jessie has a 4.2.12 version
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,8 @@
CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
- phpmyadmin <unfixed>
+ [jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
+ NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/56b43527196b0349ec2bea8ca711667e5aa75c65
+ NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/d55abcd5ffa1ea8785f1217f5b7d78a8a54b8542
NOTE: https://www.phpmyadmin.net/security/PMASA-2020-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200322/cb1abda7/attachment.html>
More information about the debian-security-tracker-commits
mailing list