Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6058ecc1 by Salvatore Bonaccorso at 2020-04-07T18:08:29+02:00
Add CVE-2020-1760/ceph
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24548,8 +24548,14 @@ CVE-2020-1762
CVE-2020-1761
RESERVED
NOT-FOR-US: OpenShift
-CVE-2020-1760
- RESERVED
+CVE-2020-1760 [header-splitting in RGW GetObject has a possible XSS]
+ RESERVED
+ - ceph <unfixed>
+ NOTE: Introduced with:
https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e
+ NOTE: Fixed by:
https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1
+ NOTE: Fixed by:
https://github.com/ceph/ceph-ci/commit/18eb4d918b27d362312c29a3bbd57a421897c0a5
+ NOTE: Fixed by:
https://github.com/ceph/ceph-ci/commit/1bf14094fec34770d2cc74317f4238ccb2dfef98
+ NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/1
CVE-2020-1759
RESERVED
CVE-2020-1758
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6058ecc121fc33c94d18206a50a08b6cbf5f3e07
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6058ecc121fc33c94d18206a50a08b6cbf5f3e07
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
