From 8d395124a032e482254455e9b359a9186a49a429 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 28 Jan 2020 21:57:18 +0100 Subject: Add fixed version for CVE-2020-8086/prosody-modules The upstable upload contained 0003-ldap-improve-checks.patch which is the upstream fix for the CVE from https://hg.prosody.im/prosody-modules/rev/f2b29183ef08 . --- data/CVE/2020.list | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 4ff33deb40..09e9990bc9 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -457,7 +457,7 @@ CVE-2020-8088 (panel_login.php in UseBB 1.0.12 allows type juggling for login by CVE-2020-8087 (SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote comma ...) NOT-FOR-US: SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices CVE-2020-8086 (The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01 ...) - - prosody-modules + - prosody-modules 0.0~hg20200128.09e7e880e056+dfsg-1 NOTE: https://hg.prosody.im/prosody-modules/rev/f2b29183ef08 NOTE: https://prosody.im/security/advisory_20200128/ CVE-2020-8085 -- cgit v1.2.3