[Git][security-tracker-team/security-tracker][master] Add additional references for the origins of CVE-2020-8908
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 22 20:24:51 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aa02363b by Salvatore Bonaccorso at 2023-06-22T21:24:13+02:00
Add additional references for the origins of CVE-2020-8908
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -243863,6 +243863,10 @@ CVE-2020-8909
RESERVED
CVE-2020-8908 (A temp directory creation vulnerability exists in all versions of Guav ...)
- guava-libraries <unfixed>
+ NOTE: https://github.com/google/guava/issues/4011
+ NOTE: https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
+ NOTE: Issue incompletely fixed:
+ NOTE: https://github.com/google/guava/issues/4011#issuecomment-1573923586
NOTE: https://github.com/google/guava/releases/tag/v32.0.0
NOTE: https://github.com/google/guava/issues/2575
CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa02363b6c51ea43b327baf1ffdbf0a3eed56c17
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa02363b6c51ea43b327baf1ffdbf0a3eed56c17
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230622/97409797/attachment.htm>
More information about the debian-security-tracker-commits
mailing list