Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72f68c64 by Salvatore Bonaccorso at 2020-03-31T21:06:50+02:00
Add reference to commit for bubblewrap issue
- - - - -
c9321b01 by Salvatore Bonaccorso at 2020-03-31T21:07:17+02:00
Track assigned CVE for bubblewrap issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,8 +1,9 @@
-CVE-2020-XXXX [bubblewrap priv escalation]
+CVE-2020-5291 [bubblewrap priv escalation]
- bubblewrap 0.4.1-1 (low)
[buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
[stretch] - bubblewrap <not-affected> (Introduced in 0.4.0)
NOTE:
https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj
+ NOTE:
https://github.com/containers/bubblewrap/commit/1f7e2ad948c051054b683461885a0215f1806240
CVE-2020-11113 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the
interact ...)
- jackson-databind <unfixed>
NOTE: https://github.com/FasterXML/jackson-databind/issues/2670
@@ -13455,8 +13456,6 @@ CVE-2020-5293
RESERVED
CVE-2020-5292
RESERVED
-CVE-2020-5291
- RESERVED
CVE-2020-5290
RESERVED
CVE-2020-5289 (In Elide before 4.5.14, it is possible for an adversary to
"guess and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3018d1e58c9d503a5b1fade65e0f7332415170a4...c9321b0121cc9bbb4e128cfe4668c59d57ff99b8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3018d1e58c9d503a5b1fade65e0f7332415170a4...c9321b0121cc9bbb4e128cfe4668c59d57ff99b8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
