Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0663b09a by Salvatore Bonaccorso at 2020-02-04T21:01:22+01:00
Add CVE-2020-5235/nanopb
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7272,7 +7272,11 @@ CVE-2020-5236 (Waitress version 1.4.2 allows a DOS
attack When waitress receives
NOTE:
https://github.com/Pylons/waitress/security/advisories/GHSA-73m2-3pwg-5fgc
NOTE:
https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f
CVE-2020-5235 (There is a potentially exploitable out of memory condition In
Nanopb b ...)
- TODO: check
+ - nanopb <not-affected> (Fixed before initial upload to Debian)
+ NOTE:
https://github.com/nanopb/nanopb/security/advisories/GHSA-gcx3-7m76-287p
+ NOTE:
https://github.com/nanopb/nanopb/commit/45582f1f97f49e2abfdba1463d1e1027682d9856
+ NOTE:
https://github.com/nanopb/nanopb/commit/7b396821ddd06df8e39143f16e1dc0a4645b89a3
+ NOTE:
https://github.com/nanopb/nanopb/commit/aa9d0d1ca78d6adec3adfeecf3a706c7f9df81f2
CVE-2020-5234 (MessagePack for C# and Unity before version 1.9.3 and 2.1.80
has a vul ...)
TODO: check
CVE-2020-5233 (OAuth2 Proxy before 5.0 has an open redirect vulnerability.
Authentica ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0663b09a4b3c275e9b81dd4d89dbc35412f962cd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0663b09a4b3c275e9b81dd4d89dbc35412f962cd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
