Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f0ed3b03 by Moritz Muehlenhoff at 2022-10-24T00:26:20+02:00
mark two activemq issues as fixed, thanks to Pierre Gruet
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -177358,7 +177358,7 @@ CVE-2020-13949 (In Apache Thrift 0.9.3 to 0.13.0,
malicious RPC clients could se
CVE-2020-13948 (While investigating a bug report on Apache Superset, it was
determined ...)
NOT-FOR-US: Apache Superset
CVE-2020-13947 (An instance of a cross-site scripting vulnerability was
identified to ...)
- - activemq <unfixed> (unimportant)
+ - activemq 5.16.1-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670)
NOTE: Fixed in 5.15.13, 5.16.1
CVE-2020-13946 (In Apache Cassandra, all versions prior to 2.1.22, 2.2.18,
3.0.22, 3.1 ...)
@@ -210744,7 +210744,7 @@ CVE-2020-1943 (Data sent with contentId to
/control/stream is not sanitized, all
CVE-2020-1942 (In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory
generated ...)
NOT-FOR-US: Apache NiFi
CVE-2020-1941 (In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI
is open ...)
- - activemq <unfixed> (unimportant)
+ - activemq 5.16.1-1 (unimportant)
NOTE: Admin console not enabled in the Debian package, see #702670)
NOTE: Fixed in 5.15.12
CVE-2020-1940 (The optional initial password change and password expiration
features ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0ed3b03e7df3c833c43a35a8726d34b78996ce1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0ed3b03e7df3c833c43a35a8726d34b78996ce1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
