William Desportes pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
70f09da3 by William Desportes at 2020-03-22T14:03:03+01:00
Mark jessie as not-affected by CVE-2020-10804
I did the research in the GIT history and in the code of latest jessie version
and could not find anything (obviously)
The vulnerabilities where introduced in 4.5.x and jessie has a 4.2.12 version
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,8 @@
CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL
injection v ...)
- phpmyadmin <unfixed>
+ [jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
+ NOTE: Introduced-by:
https://github.com/phpmyadmin/phpmyadmin/commit/56b43527196b0349ec2bea8ca711667e5aa75c65
+ NOTE: Introduced-by:
https://github.com/phpmyadmin/phpmyadmin/commit/d55abcd5ffa1ea8785f1217f5b7d78a8a54b8542
NOTE: https://www.phpmyadmin.net/security/PMASA-2020-2/
NOTE:
https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad
NOTE:
https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
