[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to commit for bubblewrap issue

Salvatore Bonaccorso carnil at debian.org
Tue Mar 31 20:07:38 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72f68c64 by Salvatore Bonaccorso at 2020-03-31T21:06:50+02:00
Add reference to commit for bubblewrap issue

- - - - -
c9321b01 by Salvatore Bonaccorso at 2020-03-31T21:07:17+02:00
Track assigned CVE for bubblewrap issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,8 +1,9 @@
-CVE-2020-XXXX [bubblewrap priv escalation]
+CVE-2020-5291 [bubblewrap priv escalation]
 	- bubblewrap 0.4.1-1 (low)
 	[buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
 	[stretch] - bubblewrap <not-affected> (Introduced in 0.4.0)
 	NOTE: https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj
+	NOTE: https://github.com/containers/bubblewrap/commit/1f7e2ad948c051054b683461885a0215f1806240
 CVE-2020-11113 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
 	- jackson-databind <unfixed>
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2670
@@ -13455,8 +13456,6 @@ CVE-2020-5293
 	RESERVED
 CVE-2020-5292
 	RESERVED
-CVE-2020-5291
-	RESERVED
 CVE-2020-5290
 	RESERVED
 CVE-2020-5289 (In Elide before 4.5.14, it is possible for an adversary to "guess and  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3018d1e58c9d503a5b1fade65e0f7332415170a4...c9321b0121cc9bbb4e128cfe4668c59d57ff99b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3018d1e58c9d503a5b1fade65e0f7332415170a4...c9321b0121cc9bbb4e128cfe4668c59d57ff99b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200331/b71e8564/attachment.html>

More information about the debian-security-tracker-commits mailing list