Hugo Lefeuvre pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bfb2cc04 by Hugo Lefeuvre at 2020-01-24T08:34:55+01:00
CVE-2020-7106/cacti: add followup patch
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1775,6 +1775,7 @@ CVE-2020-7106 (Cacti 1.2.8 has stored XSS in
data_sources.php, color_templates_i
NOTE: https://github.com/Cacti/cacti/issues/3191
NOTE:
https://github.com/Cacti/cacti/commit/4cbb045e03ee20a2bd09094a201a925fbb8a39d9
NOTE:
https://github.com/Cacti/cacti/commit/47a000b5aba4af16967e249b25f25397506e3464
+ NOTE:
https://github.com/Cacti/cacti/commit/b1c70e19466a6e69284e24cde437b55ccc454bee
CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0
allow a N ...)
- hiredis <unfixed>
NOTE: https://github.com/redis/hiredis/issues/754
=====================================
data/dla-needed.txt
=====================================
@@ -11,10 +11,6 @@
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
--
cacti (Chris Lamb)
- NOTE: CVE-2020-7106: one more followup fix is coming (currently PRed by
- NOTE: @smutranchi), we should probably wait for the fix to stabilize &
- NOTE: potential regression reports to come up before releasing a regression
- NOTE: update (2020-01-23, hle)
--
clamav (Hugo Lefeuvre)
NOTE: 20200111: waiting for 0.102.1 to enter stretch/buster.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bfb2cc0469ff9bad20582185965a14beb711ff98
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bfb2cc0469ff9bad20582185965a14beb711ff98
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
