[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2019-20790 (indicating revisit)
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 7 20:51:35 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e9fa2a99 by Salvatore Bonaccorso at 2021-04-07T21:50:54+02:00
Update notes for CVE-2019-20790 (indicating revisit)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -71056,8 +71056,9 @@ CVE-2019-20790 (OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf
NOTE: https://sourceforge.net/p/opendmarc/tickets/235/
NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf
NOTE: Issue is disputed upstream and considered "work as designed" (wontfix)
- NOTE: https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20970
- NOTE: (there ia typo in above reference)
+ NOTE: https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20790
+ NOTE: Upstream reconsidering position:
+ NOTE: https://github.com/trusteddomainproject/OpenDMARC/issues/158
CVE-2020-12266 (An issue was discovered where there are multiple externally accessible ...)
NOT-FOR-US: WAVLINK
CVE-2020-12265 (The decompress package before 4.2.1 for Node.js is vulnerable to Arbit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9fa2a9934ec5d52d995bc69b0155a16c054d36a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9fa2a9934ec5d52d995bc69b0155a16c054d36a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210407/393ec741/attachment.htm>
More information about the debian-security-tracker-commits
mailing list