[Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-10675/golang-github-buger-jsonparser
Salvatore Bonaccorso
carnil at debian.org
Mon Mar 30 07:31:17 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eca8dceb by Salvatore Bonaccorso at 2020-03-30T08:30:35+02:00
Add upstream commit for CVE-2020-10675/golang-github-buger-jsonparser
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -939,6 +939,7 @@ CVE-2020-10676
CVE-2020-10675 (The Library API in buger jsonparser through 2019-12-04 allows attacker ...)
- golang-github-buger-jsonparser 0.0~git20200322.0.f7e751e-1 (bug #954373)
NOTE: https://github.com/buger/jsonparser/issues/188
+ NOTE: https://github.com/buger/jsonparser/commit/91ac96899e492584984ded0c8f9a08f10b473717
CVE-2020-10673 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
{DLA-2153-1}
- jackson-databind <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eca8dcebcc801d4aac55fe202523a648bce6dffa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eca8dcebcc801d4aac55fe202523a648bce6dffa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200330/d9f777b9/attachment.html>
More information about the debian-security-tracker-commits
mailing list