diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-01-05 09:07:33 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-01-05 09:07:33 +0100 |
commit | c01d4a227209f59c1d28b89aceb99bad989c9bc8 (patch) | |
tree | 153b58adb774b42fb0a2f12ad99060cce72b0e02 | |
parent | 584910c5d0eb9bc398170559e38a2fc325a54df7 (diff) |
new nodejs issues
-rw-r--r-- | data/CVE/list | 8 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 8 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 39fc410798..d1d3afd3aa 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -62503,8 +62503,10 @@ CVE-2020-8289 (Backblaze for Windows before 7.0.1.433 and Backblaze for macOS be NOT-FOR-US: Backblaze CVE-2020-8288 RESERVED -CVE-2020-8287 +CVE-2020-8287 [nodejs: HTTP Request Smuggling] RESERVED + - nodejs <unfixed> + NOTE: https://nodejs.org/en/blog/release/v10.23.1/ CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...) {DLA-2500-1} - curl 7.74.0-1 (bug #977161) @@ -62562,8 +62564,10 @@ CVE-2020-8267 (A security issue was found in UniFi Protect controller v1.14.10 a NOT-FOR-US: UniFi Protect controller CVE-2020-8266 RESERVED -CVE-2020-8265 +CVE-2020-8265 [nodejs: use-after-free in TLSWrap] RESERVED + - nodejs <unfixed> + NOTE: https://nodejs.org/en/blog/release/v10.23.1/ CVE-2020-8264 [Possible XSS Vulnerability in Action Pack in Development Mode] RESERVED - rails 2:6.0.3.4+dfsg-1 (bug #971988) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index eebf524f13..c984dc147a 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -29,6 +29,8 @@ minidlna -- netty -- +nodejs +-- salt (carnil) -- slurm-llnl (jmm) |