[Git][security-tracker-team/security-tracker][master] haskell-cmark-gfm switched to system lib, not that one isn't fixed yet
Moritz Muehlenhoff
jmm at debian.org
Fri Sep 4 10:12:20 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0623a23b by Moritz Muehlenhoff at 2020-09-04T11:11:53+02:00
haskell-cmark-gfm switched to system lib, not that one isn't fixed yet
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47356,6 +47356,7 @@ CVE-2020-5238 (The table extension in GitHub Flavored Markdown before version 0.
[buster] - r-cran-commonmark <no-dsa> (Minor issue)
NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
NOTE: https://github.com/github/cmark-gfm/commit/85d895289c5ab67f988ca659493a64abb5fec7b4
+ NOTE: haskell-cmark-gfm switched to src:cmark-gfm in 0.2.1+ds1-1
CVE-2020-5237 (Multiple relative path traversal vulnerabilities in the oneup/uploader ...)
NOT-FOR-US: oneup/uploader-bundle
CVE-2020-5236 (Waitress version 1.4.2 allows a DOS attack When waitress receives a he ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0623a23bc5932f02840f7dacee4199140f4491a4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0623a23bc5932f02840f7dacee4199140f4491a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200904/abd7365d/attachment.html>
More information about the debian-security-tracker-commits
mailing list