Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b983d88 by security tracker role at 2021-10-17T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -109071,7 +109071,7 @@ CVE-2020-11082 (In Kaminari before 1.2.1, there is a
vulnerability that would al
CVE-2020-11081 (osquery before version 4.4.0 enables a privilege escalation
vulnerabil ...)
- osquery <itp> (bug #803502)
CVE-2020-11080 (In nghttp2 before version 1.41.0, the overly large HTTP/2
SETTINGS fra ...)
- {DSA-4696-1}
+ {DSA-4696-1 DLA-2786-1}
- nghttp2 1.41.0-1
- nodejs 10.21.0~dfsg-1 (bug #962145)
[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security
support)
@@ -221203,6 +221203,7 @@ CVE-2018-9860 (An issue was discovered in Botan
1.11.32 through 2.x before 2.6.0
CVE-2018-9859 (The path of Whale update service was unquoted in NAVER Whale
before 1. ...)
NOT-FOR-US: Whale
CVE-2018-1000168 (nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0
contains an Imp ...)
+ {DLA-2786-1}
- nghttp2 1.31.1-1 (low; bug #895566)
[jessie] - nghttp2 <not-affected> (Issue introduced in 1.10.0)
NOTE: Affected versions: nghttp2 >= 1.10.0 and nghttp2 <= v1.31.0
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b983d88b0693e5b37a17551f98d33184aca7ee3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b983d88b0693e5b37a17551f98d33184aca7ee3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
