[Git][security-tracker-team/security-tracker][master] Add notes for CVE-2020-10744

Salvatore Bonaccorso carnil at debian.org
Fri May 15 12:14:54 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
afe8ef52 by Salvatore Bonaccorso at 2020-05-15T13:13:19+02:00
Add notes for CVE-2020-10744

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6484,10 +6484,13 @@ CVE-2020-10746
 	RESERVED
 CVE-2020-10745
 	RESERVED
-CVE-2020-10744
+CVE-2020-10744 [incomplete fix for CVE-2020-1733]
 	RESERVED
 	- ansible <unfixed>
+	[buster] - ansible <not-affected> (Incomplete fix not applied)
+	[stretch] - ansible <not-affected> (Incomplete fix not applied)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835566
+	NOTE: CVE is for an incomplete fix of CVE-2020-1733
 CVE-2020-10743
 	RESERVED
 	- kibana <itp> (bug #700337)
@@ -29592,6 +29595,8 @@ CVE-2020-1733 (A race condition flaw was found in Ansible Engine 2.7.17 and prio
 	NOTE: https://github.com/ansible/ansible/issues/67791
 	NOTE: https://github.com/ansible/ansible/pull/68921
 	NOTE: https://github.com/ansible/ansible/commit/8077d8e40148fe77e2393caa5f2b2ea855149d63
+	NOTE: When applying the fix for CVE-2020-1733 make sure to apply complete fix to
+	NOTE: not open up CVE-2020-10744.
 CVE-2020-1732 (A flaw was found in Soteria before 1.0.1, in a way that multiple reque ...)
 	- wildfly <itp> (bug #752018)
 CVE-2020-1731 (A flaw was found in all versions of the Keycloak operator, before vers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afe8ef5207e276b289ae1b4dbed030c6e89376e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afe8ef5207e276b289ae1b4dbed030c6e89376e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200515/e0699d55/attachment.html>

More information about the debian-security-tracker-commits mailing list