[Git][security-tracker-team/security-tracker][master] CVE-2020-1745: Reference upstream pull request

Florian Weimer Sat, 11 Apr 2020 04:12:26 -0700


Florian Weimer pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2781883e by Florian Weimer at 2020-04-11T13:10:25+02:00
CVE-2020-1745: Reference upstream pull request

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25251,6 +25251,9 @@ CVE-2020-1745 [AJP File Read/Inclusion Vulnerability]
        RESERVED
        - undertow <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1807305
+       NOTE: Variant of the Ghostcat Tomcat vulnerability, CVE-2020-1938.
+       NOTE: According to 
https://lists.jboss.org/pipermail/undertow-dev/2020-March/002422.html
+       NOTE: the fix is: https://github.com/undertow-io/undertow/pull/859
 CVE-2020-1744 (A flaw was found in keycloak before version 9.0.1. When 
configuring an ...)
        NOT-FOR-US: Keycloak
 CVE-2020-1743



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2781883e75332b7889e319e41f3de7fc9935376d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2781883e75332b7889e319e41f3de7fc9935376d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] CVE-2020-1745: Reference upstream pull request

Reply via email to