Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
caecd657 by Salvatore Bonaccorso at 2020-12-06T20:51:02+01:00
Add CVE-2020-1750{8,9}/trafficserver
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29128,10 +29128,16 @@ CVE-2020-17511
CVE-2020-17510 (Apache Shiro before 1.7.0, when using Apache Shiro with
Spring, a spec ...)
- shiro <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/7
-CVE-2020-17509
+CVE-2020-17509 [ATS negative cache option is vulnerable to a cache poisoning
attack]
RESERVED
-CVE-2020-17508
+ - trafficserver 8.1.1+ds-1
+ NOTE: https://github.com/apache/trafficserver/pull/7359
+ NOTE:
https://lists.apache.org/thread.html/raa9f0589c26c4d146646425e51e2a33e1457492df9f7ea2019daa6d3%40%3Cdev.trafficserver.apache.org%3E
+CVE-2020-17508 [The ATS ESI plugin has a memory disclosure vulnerability]
RESERVED
+ - trafficserver 8.1.1+ds-1
+ NOTE: https://github.com/apache/trafficserver/pull/7358
+ NOTE:
https://lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cdev.trafficserver.apache.org%3E
CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x
through 5.15. ...)
{DLA-2377-1 DLA-2376-1}
- qtbase-opensource-src 5.14.2+dfsg-6 (bug #968444)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/caecd657d8e60be605b5c5c3b2ddddd52184b089
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/caecd657d8e60be605b5c5c3b2ddddd52184b089
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
