[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-2894{8,9}/php-pear
Salvatore Bonaccorso
carnil at debian.org
Sun Nov 29 19:52:53 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
65c1c5f3 by Salvatore Bonaccorso at 2020-11-29T20:52:19+01:00
Add Debian bug reference for CVE-2020-2894{8,9}/php-pear
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -930,14 +930,14 @@ CVE-2020-28950
CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...)
{DLA-2466-1 DLA-2465-1}
- drupal7 <removed>
- - php-pear <unfixed>
+ - php-pear <unfixed> (bug #976108)
NOTE: https://github.com/pear/Archive_Tar/issues/33
NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
NOTE: https://www.drupal.org/sa-core-2020-013
CVE-2020-28948 (Archive_Tar through 1.4.10 allows an unserialization attack because ph ...)
{DLA-2466-1 DLA-2465-1}
- drupal7 <removed>
- - php-pear <unfixed>
+ - php-pear <unfixed> (bug #976108)
NOTE: https://github.com/pear/Archive_Tar/issues/33
NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
NOTE: https://www.drupal.org/sa-core-2020-013
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65c1c5f35bbcb3af58a594381759952b7d94f614
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65c1c5f35bbcb3af58a594381759952b7d94f614
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201129/d9ed3f89/attachment.html>
More information about the debian-security-tracker-commits
mailing list