[Git][security-tracker-team/security-tracker][master] old, bogus xz-utils issue

Mon Sep 4 12:22:37 BST 2023


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
42514206 by Moritz Muehlenhoff at 2023-09-04T13:21:00+02:00
old, bogus xz-utils issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -219598,7 +219598,7 @@ CVE-2020-22918
 CVE-2020-22917
 	RESERVED
 CVE-2020-22916 (An issue discovered in XZ 5.2.5 allows attackers to cause a denial of  ...)
-	TODO: check
+	NOTE: Bogus CVE, original URL is gone and resource limits are a natural constraint for any unpacker
 CVE-2020-22915
 	RESERVED
 CVE-2020-22914



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42514206bc6dcfed6d33e6c528bcc62d02836eeb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42514206bc6dcfed6d33e6c528bcc62d02836eeb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230904/7f0a1afd/attachment.htm>
