Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
98d79aa9 by Salvatore Bonaccorso at 2020-09-05T09:14:00+02:00
Track rebar3 itp/rfp bug under two CVEs for Rebar3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24464,6 +24464,7 @@ CVE-2020-13804 (An issue was discovered in Foxit Reader
and PhantomPDF before 9.
CVE-2020-13803 (An issue was discovered in Foxit PhantomPDF Mac and Foxit
Reader for M ...)
NOT-FOR-US: Foxit Reader
CVE-2020-13802 (Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS
command in ...)
+ - rebar3 <itp> (bug #824773)
TODO: check, whether this affects src:rebar (but the security
implications seems a little far-fetched anyway)
CVE-2020-13801
RESERVED
@@ -97629,6 +97630,7 @@ CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8
and earlier contains a Cros
NOT-FOR-US: Chamilo Chamilo-lms
CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a
Signing oracl ...)
- rebar <not-affected> (vulnerable code is not present)
+ - rebar3 <itp> (bug #824773)
NOTE: https://github.com/erlang/rebar3/pull/1986
CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier
contains a Sign ...)
NOT-FOR-US: Hex package manager
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d79aa95098f8a9fadda4f68d37bfb26512f69c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d79aa95098f8a9fadda4f68d37bfb26512f69c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
