[Git][security-tracker-team/security-tracker][master] Add CVE-2020-19909/curl

Wed Aug 23 07:55:10 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45ffe593 by Salvatore Bonaccorso at 2023-08-23T08:54:41+02:00
Add CVE-2020-19909/curl

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -223890,7 +223890,9 @@ CVE-2020-19911
 CVE-2020-19910
 	RESERVED
 CVE-2020-19909 (Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via cr ...)
-	TODO: check
+	- curl 7.66.0-1
+	NOTE: https://github.com/curl/curl/pull/4166
+	NOTE: Fixed by: https://github.com/curl/curl/commit/db0a0dfb0eb41d39273b0590b992df58f38b9a4d (curl-7_66_0)
 CVE-2020-19908
 	RESERVED
 CVE-2020-19907 (A command injection vulnerability in the sandcat plugin of Caldera 2.3 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45ffe593300abd0fb8822cd1256ecb91948f4db9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45ffe593300abd0fb8822cd1256ecb91948f4db9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/8aa1bd8b/attachment.htm>
