[Git][security-tracker-team/security-tracker][master] three.js n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon May 24 16:31:29 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c03a17c9 by Moritz Mühlenhoff at 2021-05-24T17:31:03+02:00
three.js n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -40022,9 +40022,7 @@ CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographi
CVE-2020-28497
RESERVED
CVE-2020-28496 (This affects the package three before 0.125.0. This can happen when ha ...)
- - three.js <unfixed> (bug #988726)
- [buster] - three.js <no-dsa> (Minor issue)
- [stretch] - three.js <no-dsa> (can be fixed along in next DLA)
+ - three.js <not-affected> (Vulnerable code introduced later, #988726)
NOTE: https://github.com/mrdoob/three.js/pull/21143/commits/4a582355216b620176a291ff319d740e619d583e
NOTE: https://github.com/mrdoob/three.js/issues/21132
CVE-2020-28495 (This affects the package total.js before 3.4.7. The set function can b ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a17c9bc9fb70d6db3d8452d4c4b575f5fdea0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a17c9bc9fb70d6db3d8452d4c4b575f5fdea0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210524/067cadbb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list