[Git][security-tracker-team/security-tracker][master] CVE-2020-27782,undertow: Fixed in 2.2.4-1

Mon Feb 22 15:46:44 GMT 2021


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11626eda by Markus Koschany at 2021-02-22T16:46:11+01:00
CVE-2020-27782,undertow: Fixed in 2.2.4-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28366,9 +28366,9 @@ CVE-2020-27783 (A XSS vulnerability was discovered in python-lxml's clean module
 	NOTE: https://github.com/lxml/lxml/commit/a105ab8dc262ec6735977c25c13f0bdfcdec72a7 (lxml-4.6.2)
 CVE-2020-27782
 	RESERVED
-	- undertow <undetermined>
+	- undertow 2.2.4-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1901304
-	TODO: check details
+	NOTE: https://issues.redhat.com/browse/UNDERTOW-1824
 CVE-2020-27781 (User credentials can be manipulated and stolen by Native CephFS consum ...)
 	- ceph <unfixed>
 	NOTE: https://bugs.launchpad.net/manila/+bug/1904015



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11626eda9f715372e1609f475630db693bb44c37

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11626eda9f715372e1609f475630db693bb44c37
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210222/260f0f07/attachment.htm>
