Add CVE-2020-1760/ceph

author: Salvatore Bonaccorso <carnil@debian.org> 2020-04-07 18:08:29 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-04-07 18:08:29 +0200
commit: b0ce16beb6c93a0761014b31896eab8e9bae0596 (patch)
tree: db2dee43403cc4eb30325013e62f93223716ff22
parent: 4d986cb4bd66648b411f408bf69cbb1fc1c315fe (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 9294e70428..368e43c0ca 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -21102,8 +21102,14 @@ CVE-2020-1762
 CVE-2020-1761
 	RESERVED
 	NOT-FOR-US: OpenShift
-CVE-2020-1760
-	RESERVED
+CVE-2020-1760 [header-splitting in RGW GetObject has a possible XSS]
+	RESERVED
+	- ceph <unfixed>
+	NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e
+	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1
+	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/18eb4d918b27d362312c29a3bbd57a421897c0a5
+	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/1bf14094fec34770d2cc74317f4238ccb2dfef98
+	NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/1
 CVE-2020-1759
 	RESERVED
 CVE-2020-1758
author	Salvatore Bonaccorso <carnil@debian.org>	2020-04-07 18:08:29 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-04-07 18:08:29 +0200
commit	b0ce16beb6c93a0761014b31896eab8e9bae0596 (patch)
tree	db2dee43403cc4eb30325013e62f93223716ff22
parent	4d986cb4bd66648b411f408bf69cbb1fc1c315fe (diff)