Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0e82ea63 by Salvatore Bonaccorso at 2020-08-25T10:46:27+02:00
Update status for CVE-2020-14330/ansible
Maintainer confirms (and checked with upstream) that the first PR
attempts to fix the CVE, adds tests and changelog entry, the 2nd PR
referts the initial fix, adds another more elaborated fix. Thus both PRs
are needed for the CVE fix.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21702,7 +21702,9 @@ CVE-2020-14330
RESERVED
- ansible <unfixed>
NOTE: https://github.com/ansible/ansible/issues/68400
- NOTE: https://github.com/ansible/ansible/pull/69653
+ NOTE: Initial fix: https://github.com/ansible/ansible/pull/69653
+ NOTE: Complete fix (reverting first and adding more elaborated fix):
+ NOTE: https://github.com/ansible/ansible/pull/70762
NOTE:
https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
CVE-2020-14329
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e82ea6341432a946bcded58abcec1bf3bc44853
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e82ea6341432a946bcded58abcec1bf3bc44853
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
