William Desportes pushed to branch master at Debian Security Tracker / security-tracker
Commits: 70f09da3 by William Desportes at 2020-03-22T14:03:03+01:00 Mark jessie as not-affected by CVE-2020-10804 I did the research in the GIT history and in the code of latest jessie version and could not find anything (obviously) The vulnerabilities where introduced in 4.5.x and jessie has a 4.2.12 version - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,8 @@ CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...) - phpmyadmin <unfixed> + [jessie] - phpmyadmin <not-affected> (Vulnerable code not present) + NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/56b43527196b0349ec2bea8ca711667e5aa75c65 + NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/d55abcd5ffa1ea8785f1217f5b7d78a8a54b8542 NOTE: https://www.phpmyadmin.net/security/PMASA-2020-2/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70f09da324e4a157f9840b69468174d6d1ad4669 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits