Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
863c7a65 by Salvatore Bonaccorso at 2020-09-11T21:13:23+02:00
Reference commits for CVE-2020-13920/activemq
Reference both commits the initial commit for CVE-2020-13920 but as well
the followup comit from 5.15.13 which fixes a regression leading to the
CVE-2020-11998 assignment for ActiveMQ.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24397,6 +24397,8 @@ CVE-2020-13920 (Apache ActiveMQ uses
LocateRegistry.createRegistry() to create t
NOTE: When fixing this issue make sure to use a complete fix and not
open up
NOTE: CVE-2020-11998 (a regression introduced in 5.15.12 in the commit
preventing
NOTE: JMX re-bind).
+ NOTE: Fixed by:
https://github.com/apache/activemq/commit/c29244931d54affaceabb478b3a52d9b74f5d543
(activemq-5.15.12)
+ NOTE: Followup needed:
https://github.com/apache/activemq/commit/0d6e5f240ef34bae2e4089102047593bef628e6c
(activemq-5.15.13)
CVE-2020-13919 (emfd/libemf in Ruckus Wireless Unleashed through
200.7.10.102.92 allow ...)
NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13918 (Incorrect access control in webs in Ruckus Wireless Unleashed
through ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/863c7a656e7da69a68f96ff5772b94abcab4a91b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/863c7a656e7da69a68f96ff5772b94abcab4a91b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
