Bug#965985: CVE-2020-4042 / CVE-2020-11061

2020-08-24 Thread Salvatore Bonaccorso
Control: clone 965985 -1
Control: retitle 965985 bareos: CVE-2020-4042
Control: retitle -1 bareos: CVE-2020-11061
Control: forwarded 965985 https://bugs.bareos.org/view.php?id=1250
Control: forwarded -1 https://bugs.bareos.org/view.php?id=1210

Hi Moritz,

On Tue, Jul 21, 2020 at 09:32:16PM +0200, Moritz Muehlenhoff wrote:
> Source: bareos
> Severity: grave
> Tags: security
> 
> CVE-2020-11061:
> https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4
> 
> CVE-2020-4042
> https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752

Going to clone/split this bug into two separately, with the following
reason. While both are covered in the supported Debian releases
samewise from the affected versions, CVE-2020-4042 is harder to handle
in the affected versions. Splitting the bug makes it easier to handle
the issues separately and e.g. fixing CVE-2020-11061 first with an
isolated fix.

Hope you are fine with that move, will update the security-tracker
then accordingly.

Regards,
Salvatore



Bug#965985: CVE-2020-4042 / CVE-2020-11061

2020-07-21 Thread Moritz Muehlenhoff
Source: bareos
Severity: grave
Tags: security

CVE-2020-11061:
https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4

CVE-2020-4042
https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752

Cheers,
Moritz