[Git][security-tracker-team/security-tracker][master] Mark CVE-2020-25220 as not-affected
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 10 09:23:11 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
81274b72 by Salvatore Bonaccorso at 2020-09-10T10:21:36+02:00
Mark CVE-2020-25220 as not-affected
Mainline was not affected and only some stable series (invluding v4.9.y
and v4.19.y) had the problem. But no Debian released version including
the v4.9.y and v4.19.y series did contain only the fpartial fix for
CVE-2020-14356 and thus not affected by CVE-2020-25220.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,7 @@
CVE-2020-25220 (The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.1 ...)
- TODO: check
+ - linux <not-affected> (Vulnerable code not present and no partial CVE-2020-14356 fix backported)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1868453
+ NOTE: https://www.spinics.net/lists/stable/msg405099.html
CVE-2020-25219 (url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a rem ...)
- libproxy <unfixed>
NOTE: https://github.com/libproxy/libproxy/issues/134
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81274b720fd8a76313ace68339cc501608b663ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81274b720fd8a76313ace68339cc501608b663ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200910/35e9f246/attachment.html>
More information about the debian-security-tracker-commits
mailing list