Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5dd8fc81 by Salvatore Bonaccorso at 2022-11-26T11:14:13+01:00
Update information for CVE-2020-36309
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -116799,11 +116799,13 @@ CVE-2020-36310 (An issue was discovered in the
Linux kernel before 5.8. arch/x86
[stretch] - linux <not-affected> (Vulnerability introduced later)
NOTE:
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
CVE-2020-36309 (ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in
OpenResty ...)
- - nginx <unfixed> (bug #986787)
+ - libnginx-mod-http-lua 1:0.10.22-4
+ - nginx 1.22.0-3 (bug #986787)
[bullseye] - nginx <ignored> (Minor issue, too intrusive to backport,
see #986787)
[buster] - nginx <ignored> (Minor issue, too intrusive to backport, see
#986787)
[stretch] - nginx <postponed> (Minor issue; can be fixed in next update)
NOTE: https://github.com/openresty/lua-nginx-module/pull/1654
+ NOTE: src:nginx/1.22.0-3 removed the http-lua module and moved it to a
separate package
CVE-2020-36308 (Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers
to discov ...)
{DLA-2658-1}
- redmine 4.0.7-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd8fc8191005e50c7d709e7923df37fcab6d9cc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd8fc8191005e50c7d709e7923df37fcab6d9cc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
