[Git][security-tracker-team/security-tracker][master] 3 commits: Update PR link for CVE-2020-7105 in hiredis.

Thu, 23 Jan 2020 08:40:57 -0800 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19d7c28f by Chris Lamb at 2020-01-23T16:36:08+00:00
Update PR link for CVE-2020-7105 in hiredis.

- - - - -
7f5baaf1 by Chris Lamb at 2020-01-23T16:36:32+00:00
dla-needed.txt: Correct "upstream" typo.

- - - - -
4d0d86c2 by Chris Lamb at 2020-01-23T16:40:28+00:00
dla-needed.txt: Update note for hiredis.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1709,8 +1709,7 @@ CVE-2020-7106 (Cacti 1.2.8 has stored XSS in 
data_sources.php, color_templates_i
        NOTE: 
https://github.com/Cacti/cacti/commit/47a000b5aba4af16967e249b25f25397506e3464
 CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0 
allow a N ...)
        - hiredis <unfixed>
-       NOTE: https://github.com/redis/hiredis/issues/747
-       NOTE: https://github.com/redis/hiredis/issues/751
+       NOTE: https://github.com/redis/hiredis/issues/754
 CVE-2020-7104 (The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS 
via th ...)
        NOT-FOR-US: chained-quiz plugin for WordPress
 CVE-2019-20380


=====================================
data/dla-needed.txt
=====================================
@@ -29,7 +29,8 @@ graphicsmagick (Thorsten Alteholz)
 hiredis (Chris Lamb)
   NOTE: 20200118: no upstream patches, yet, but should be easy to fix 
(sunweaver)
   NOTE: 20200119: submitted patch upstream (lamby) 
-  NOTE: 20200123: various alternative approaches being discussed uipstream 
(lamby)
+  NOTE: 20200123: various alternative approaches being discussed upstream 
(lamby)
+  NOTE: 20200123: new PR opened upstream (lamby)
 --
 ibus
   NOTE: 20191210: Requires glib2.0 to be patched also.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/88a8362591be3b6dc178bc1dcf8766a89544b319...4d0d86c2e55d520b8200ab9ba9d51a9810264599

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/88a8362591be3b6dc178bc1dcf8766a89544b319...4d0d86c2e55d520b8200ab9ba9d51a9810264599
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to