[Git][security-tracker-team/security-tracker][master] Add CVE-2020-26159/libonig

Wed, 30 Sep 2020 13:23:21 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
187a4d0c by Salvatore Bonaccorso at 2020-09-30T22:22:23+02:00
Add CVE-2020-26159/libonig

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,9 @@ CVE-2020-26161
 CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass 
intended acces ...)
        TODO: check
 CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular 
expressi ...)
-       TODO: check
+       - libonig <unfixed>
+       NOTE: 
https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0
+       NOTE: https://github.com/kkos/oniguruma/issues/207
 CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of 
Service (R ...)
        TODO: check
 CVE-2019-20921 (bootstrap-select before 1.13.6 allows Cross-Site Scripting 
(XSS). It d ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/187a4d0c7b84a1544d5cad68c83505e90dcaf767

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/187a4d0c7b84a1544d5cad68c83505e90dcaf767
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to