[Git][security-tracker-team/security-tracker][master] Add CVE-2020-36846/libio-compress-brotli-perl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 30 05:52:54 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0e45b5d by Salvatore Bonaccorso at 2025-05-30T06:52:20+02:00
Add CVE-2020-36846/libio-compress-brotli-perl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,10 @@
+CVE-2020-36846
+ - libio-compress-brotli-perl <not-affected> (Debian package uses the system library from the initial packaging)
+ NOTE: https://lists.security.metacpan.org/cve-announce/msg/30005245/
+ NOTE: https://github.com/google/brotli/pull/826
+ NOTE: https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52
+ NOTE: Marked exceptionally as not-affected as the Debian packaging uses the
+ NOTE: system library since the beginning.
CVE-2025-5334 (Exposure of private personal information to an unauthorized actor in t ...)
NOT-FOR-US: Devolutions
CVE-2025-5326 (A vulnerability was found in zhilink \u667a\u4e92\u8054(\u6df1\u5733)\ ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e45b5d48d11329d34673eb960742863c7e4929
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e45b5d48d11329d34673eb960742863c7e4929
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250530/a2fe4835/attachment.htm>
More information about the debian-security-tracker-commits
mailing list