[Git][security-tracker-team/security-tracker][master] Add CVE-2020-26116 tracking

Sun, 27 Sep 2020 01:42:46 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
17a7a8fe by Salvatore Bonaccorso at 2020-09-27T10:41:26+02:00
Add CVE-2020-26116 tracking

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8,7 +8,18 @@ CVE-2020-26117 (In rfb/CSecurityTLS.cxx and 
rfb/CSecurityTLS.java in TigerVNC be
        NOTE: 
https://github.com/TigerVNC/tigervnc/commit/b30f10c681ec87720cff85d490f67098568a9cba
 (master)
        NOTE: 
https://github.com/TigerVNC/tigervnc/commit/f029745f63ac7d22fb91639b2cb5b3ab56134d6e
 (master)
 CVE-2020-26116 (http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 
3.7.x be ...)
-       TODO: check
+       - python3.9 3.9.0~b5-1
+       - python3.8 3.8.5-1
+       - python3.7 <removed>
+       - python3.5 <removed>
+       NOTE: https://bugs.python.org/issue39603
+       NOTE: 
https://python-security.readthedocs.io/vuln/http-header-injection-method.html
+       NOTE: 
https://github.com/python/cpython/commit/8ca8a2e8fb068863c1138f07e3098478ef8be12e
 (master)
+       NOTE: 
https://github.com/python/cpython/commit/27b811057ff5e93b68798e278c88358123efdc71
 (v3.9.0b5)
+       NOTE: 
https://github.com/python/cpython/commit/668d321476d974c4f51476b33aaca870272523bf
 (v3.8.5)
+       NOTE: 
https://github.com/python/cpython/commit/ca75fec1ed358f7324272608ca952b2d8226d11a
 (v3.7.9)
+       NOTE: 
https://github.com/python/cpython/commit/f02de961b9f19a5db0ead56305fe0057a78787ae
 (v3.6.12)
+       NOTE: 
https://github.com/python/cpython/commit/524b8de630036a29ca340bc2ae6fd6dc7dda8f40
 (v3.5.10)
 CVE-2020-26115 (cPanel before 90.0.10 allows self XSS via the Cron Editor 
interface (S ...)
        NOT-FOR-US: cPanel
 CVE-2020-26114 (cPanel before 90.0.10 allows self XSS via the Cron Jobs 
interface (SEC ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17a7a8feae56f7ec196b9a4fc560c7ea7ab6e490

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17a7a8feae56f7ec196b9a4fc560c7ea7ab6e490
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to