summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-06-02 19:43:41 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-06-02 19:43:41 +0200
commit02def56b9819941561de22bce3cba06834d8b965 (patch)
tree219c97ffc14e1ffe839160a8bdb60ce76f6324b2
parentdc576d8c3665cc1e5734b2ca52ee4bc67fc0e127 (diff)
Add CVE-2020-12062 and mark it unimportant with negligible impactHEADmaster
-rw-r--r--data/CVE/2020.list7
1 files changed, 6 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index ff00577..8610e8d 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -3778,7 +3778,12 @@ CVE-2020-12063 (** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an
NOTE: https://www.openwall.com/lists/oss-security/2020/04/23/12
NOTE: Not considered a Postfix vulnerability and scope is outside of the design goals
CVE-2020-12062 (** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplica ...)
- TODO: check
+ - openssh <unfixed> (unimportant)
+ NOTE: https://github.com/openssh/openssh-portable/commit/955854cafca88e0cdcd3d09ca1ad4ada465364a1
+ NOTE: https://github.com/openssh/openssh-portable/commit/aad87b88fc2536b1ea023213729aaf4eaabe1894
+ NOTE: https://www.openwall.com/lists/oss-security/2020/05/27/1
+ NOTE: Negligible security impact, a malicious peer can achieve no more than already
+ NOTE: able o achieve within the scp protocol.
CVE-2020-12061
RESERVED
CVE-2020-12060

© 2014-2020 Faster IT GmbH | imprint | privacy policy