Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93b0cee9 by Salvatore Bonaccorso at 2020-12-11T19:24:01+01:00
Add fixed version via unstable for CVE-2020-2894{8,9}/php-pear
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3383,14 +3383,14 @@ CVE-2020-28950 (The installer of Kaspersky
Anti-Ransomware Tool (KART) prior to
CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only
to addre ...)
{DLA-2466-1 DLA-2465-1}
- drupal7 <removed>
- - php-pear <unfixed> (bug #976108)
+ - php-pear 1:1.10.9+submodules+notgz-1.1 (bug #976108)
NOTE: https://github.com/pear/Archive_Tar/issues/33
NOTE:
https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
NOTE: https://www.drupal.org/sa-core-2020-013
CVE-2020-28948 (Archive_Tar through 1.4.10 allows an unserialization attack
because ph ...)
{DLA-2466-1 DLA-2465-1}
- drupal7 <removed>
- - php-pear <unfixed> (bug #976108)
+ - php-pear 1:1.10.9+submodules+notgz-1.1 (bug #976108)
NOTE: https://github.com/pear/Archive_Tar/issues/33
NOTE:
https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
NOTE: https://www.drupal.org/sa-core-2020-013
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b0cee9b84b7574b88ced7e3e054d1179299f88
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b0cee9b84b7574b88ced7e3e054d1179299f88
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
