[Git][security-tracker-team/security-tracker][master] Add CVE-2020-14387/rsync

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b2d66d11 by Salvatore Bonaccorso at 2020-09-04T08:28:43+02:00
Add CVE-2020-14387/rsync

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22671,8 +22671,12 @@ CVE-2020-14389
        RESERVED
 CVE-2020-14388
        RESERVED
-CVE-2020-14387
+CVE-2020-14387 [rsync-ssl does not verify the hostname in the server 
certificate when using openssl]
        RESERVED
+       - rsync 3.2.3-1
+       NOTE: 
https://git.samba.org/?p=rsync.git;a=commitdiff;h=c3f7414c450faaf6a8281cc4a4403529aeb7d859
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1875549
+       TODO: check affected version range
 CVE-2020-14386 [af_packet memory corruption]
        RESERVED
        - linux <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2d66d11252baa30b47c0e42470caf6c9e7c4cf2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2d66d11252baa30b47c0e42470caf6c9e7c4cf2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits