Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c65f232d by Salvatore Bonaccorso at 2021-06-08T18:08:03+02:00
Add todo for CVE-2020-20178, contact still ongoing
To summarize status: CVE-2020-20178 in its description refers to
OpenLDAP. The bugzilla reference in the CVE entry though is for ansible,
and for the CVE-202*1*-20178 CVE. SuSE on the other hand references the
CVE to refer to another Red Hat bugzilla entry which covers
CVE-2021-27212.
Situation with CVE-2020-20178 needs to be resolved by its assigning CNA.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -62817,6 +62817,7 @@ CVE-2020-20178 (A flaw was found in OpenLDAP. This flaw
allows an attacker who c
NOTE: https://bugs.openldap.org/show_bug.cgi?id=9454
NOTE:
https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0
NOTE:
https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
+ TODO: confusing CVE, description refers to OpenLDAP whilst referenced
RH bug refers to CVE-2021-20178, MITRE contacted, above references from SuSE
bugzilla, though duplicate of CVE-2021-27212, no reply yet from CNAs
CVE-2020-20177
RESERVED
CVE-2020-20176
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c65f232d4b9238a363d2839f5c6ca8c851e55ef6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c65f232d4b9238a363d2839f5c6ca8c851e55ef6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
