Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb66433d by Salvatore Bonaccorso at 2020-02-25T08:28:30+01:00
CVE-2020-9366/screen: Mark versions prior to 4.7.0 as not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,6 +37,9 @@ CVE-2016-11020 (Kunena before 5.0.4 does not restrict avatar
file extensions to
TODO: check
CVE-2020-9366 (A buffer overflow was found in the way GNU Screen before 4.8.0
treated ...)
- screen 4.8.0-1 (bug #950896)
+ [buster] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
+ [stretch] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
+ [jessie] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
NOTE:
https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
NOTE: https://www.openwall.com/lists/oss-security/2020/02/06/3
NOTE: Fixed by:
https://git.savannah.gnu.org/cgit/screen.git/commit/?id=68386dfb1fa33471372a8cd2e74686758a2f527b
(v4.8.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb66433d30052094517dc3f1e28ed6fe0d1d5a6c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb66433d30052094517dc3f1e28ed6fe0d1d5a6c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
