Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93ed9655 by Salvatore Bonaccorso at 2021-01-19T06:55:41+01:00
Add CVE-2020-36193/php-pear
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16816,6 +16816,9 @@ CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and
19.x before 19.07.5 may enc
NOT-FOR-US: libuci in OpenWrt
CVE-2020-28950 (The installer of Kaspersky Anti-Ransomware Tool (KART) prior
to KART 4 ...)
NOT-FOR-US: installer of Kaspersky Anti-Ransomware Tool (KART)
+CVE-2020-36193 [Disallow symlinks to out-of-path filenames]
+ - php-pear <unfixed> (bug #980428)
+ NOTE:
https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916
CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only
to addre ...)
{DSA-4817-1 DLA-2466-1 DLA-2465-1}
- drupal7 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93ed96551726e2d470426f17c19e145e8a8d3d15
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93ed96551726e2d470426f17c19e145e8a8d3d15
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
