[Git][security-tracker-team/security-tracker][master] CVE-2020-25467/lrzip: check fixing commit and upload

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7e920853 by Sylvain Beucler at 2022-04-09T14:55:04+02:00
CVE-2020-25467/lrzip: check fixing commit and upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -108923,10 +108923,10 @@ CVE-2020-25469
 CVE-2020-25468
        RESERVED
 CVE-2020-25467 (A null pointer dereference was discovered lzo_decompress_buf 
in stream ...)
-       - lrzip <undetermined>
+       - lrzip 0.640-1
        NOTE: https://bugs.launchpad.net/ubuntu/+source/lrzip/+bug/1893641
        NOTE: https://github.com/ckolivas/lrzip/issues/163
-       TODO: check fixing commit
+       NOTE: 
https://github.com/ckolivas/lrzip/commit/e74a11c21bb89d1f48632d8a08f6d66eee923a80
 (v0.640)
 CVE-2020-25466 (A SSRF vulnerability exists in the downloadimage interface of 
CRMEB 3. ...)
        NOT-FOR-US: CRMEB
 CVE-2020-25465 (Null Pointer Dereference. in xObjectBindingFromExpression at 
moddable/ ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e920853930591ab5fb8ffe11eb0a9e7bd8ec7d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e920853930591ab5fb8ffe11eb0a9e7bd8ec7d9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits