[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-12690, CVE-2020-12691 & CVE-2020-12690 as unspported in jessie LTS.

Chris Lamb lamby at debian.org
Sat May 9 13:21:28 BST 2020 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
549a8efc by Chris Lamb at 2020-05-09T13:13:35+01:00
Mark CVE-2020-12690, CVE-2020-12691 & CVE-2020-12690 as unspported in jessie LTS.

- - - - -
4460f34e by Chris Lamb at 2020-05-09T13:20:36+01:00
Add a drive-thru comment regarding CVE-2020-12741 in src:tcpreplay.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,6 +29,7 @@ CVE-2020-12741
 CVE-2020-12740 (tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-rea ...)
 	- tcpreplay <unfixed>
 	NOTE: https://github.com/appneta/tcpreplay/issues/576
+	NOTE: --fuzz-seed in PoC not present until version 4.2.0
 CVE-2020-12739
 	RESERVED
 CVE-2020-12738
@@ -154,16 +155,19 @@ CVE-2020-12675
 CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
 	{DSA-4679-1}
 	- keystone 2:17.0.0~rc2-1 (bug #959900)
+	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
 	NOTE: https://bugs.launchpad.net/keystone/+bug/1872737
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/4
 CVE-2020-12691 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
 	{DSA-4679-1}
 	- keystone 2:17.0.0~rc2-1 (bug #959900)
+	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
 	NOTE: https://bugs.launchpad.net/keystone/+bug/1872733
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/5
 CVE-2020-12690 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
 	{DSA-4679-1}
 	- keystone 2:17.0.0~rc2-1 (bug #959900)
+	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
 	NOTE: https://bugs.launchpad.net/keystone/+bug/1873290
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/6
 CVE-2020-12674



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1d3f1486ddeedf37f68d9eb354524461f0327e87...4460f34e8e33f8ff2e15e8f896e4b31d7d53e7f5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1d3f1486ddeedf37f68d9eb354524461f0327e87...4460f34e8e33f8ff2e15e8f896e4b31d7d53e7f5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200509/6110cf70/attachment.html>

More information about the debian-security-tracker-commits mailing list