Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9fa2a99 by Salvatore Bonaccorso at 2021-04-07T21:50:54+02:00
Update notes for CVE-2019-20790 (indicating revisit)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -71056,8 +71056,9 @@ CVE-2019-20790 (OpenDMARC through 1.3.2 and 1.4.x, when
used with pypolicyd-spf
NOTE: https://sourceforge.net/p/opendmarc/tickets/235/
NOTE:
https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf
NOTE: Issue is disputed upstream and considered "work as designed"
(wontfix)
- NOTE:
https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20970
- NOTE: (there ia typo in above reference)
+ NOTE:
https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20790
+ NOTE: Upstream reconsidering position:
+ NOTE: https://github.com/trusteddomainproject/OpenDMARC/issues/158
CVE-2020-12266 (An issue was discovered where there are multiple externally
accessible ...)
NOT-FOR-US: WAVLINK
CVE-2020-12265 (The decompress package before 4.2.1 for Node.js is vulnerable
to Arbit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9fa2a9934ec5d52d995bc69b0155a16c054d36a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9fa2a9934ec5d52d995bc69b0155a16c054d36a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
