[Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-28473
Salvatore Bonaccorso
carnil at debian.org
Sun Jan 24 08:17:23 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
888c8e33 by Salvatore Bonaccorso at 2021-01-24T09:16:57+01:00
Add upstream commit for CVE-2020-28473
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20906,6 +20906,7 @@ CVE-2020-28474
CVE-2020-28473 (The package bottle from 0 and before 0.12.19 are vulnerable to Web Cac ...)
- python-bottle 0.12.19-1
NOTE: https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108
+ NOTE: Fixed by: https://github.com/bottlepy/bottle/commit/57a2f22e0c1d2b328c4f54bf75741d74f47f1a6b (0.12.19)
CVE-2020-28472 (This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0- ...)
TODO: check
CVE-2020-28471
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/888c8e332cf062a62de8abb1fe7d06cd79d39293
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/888c8e332cf062a62de8abb1fe7d06cd79d39293
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210124/c9078de6/attachment.html>
More information about the debian-security-tracker-commits
mailing list