[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-5408/libspring-security-2.0-java does not affect jessie
Roberto C. Sánchez
roberto at debian.org
Mon May 18 20:46:12 BST 2020
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
805dca98 by Roberto C. Sánchez at 2020-05-18T15:45:27-04:00
CVE-2020-5408/libspring-security-2.0-java does not affect jessie
- - - - -
2d61120e by Roberto C. Sánchez at 2020-05-18T15:46:01-04:00
LTS: remove libspring-security-2.0-java from dla-needed.txt, no open issues
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -19526,6 +19526,7 @@ CVE-2020-5409 (Pivotal Concourse, most versions prior to 6.0.0, allows redirects
NOT-FOR-US: Pivotal
CVE-2020-5408 (Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5 ...)
- libspring-security-2.0-java <removed>
+ [jessie] - libspring-security-2.0-java <not-affected> (Vulnerable code introduced later)
CVE-2020-5407 (Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 ...)
- libspring-security-2.0-java <removed>
[jessie] - libspring-security-2.0-java <not-affected> (Vulnerable code introduced later)
=====================================
data/dla-needed.txt
=====================================
@@ -69,8 +69,6 @@ libmatio (Adrian Bunk)
NOTE: 20190428: older changes seem to also be required for them
NOTE: 20200518: work is ongoing (bunk)
--
-libspring-security-2.0-java (Roberto C. Sánchez)
---
linux (Ben Hutchings)
--
linux-4.9 (Ben Hutchings)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/356df556c3ecc47dfb480e9dab732afa7f752bb5...2d61120ef593e7906648e12fc3a10ec781b30d01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/356df556c3ecc47dfb480e9dab732afa7f752bb5...2d61120ef593e7906648e12fc3a10ec781b30d01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200518/d161e8f0/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list