diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-31 17:29:17 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-31 17:29:17 +0200 |
commit | 7d414c670f0546be391346b4fabc53910f8e4017 (patch) | |
tree | fafa8e5ee3229183637a3485315b22dfbb76ccba /data | |
parent | 28408de250feed08d7bd8e8b123cc67a54c4e073 (diff) |
Track fixes for commons-configuration2
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/next-point-update.txt | 2 |
2 files changed, 1 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index a49d02c493..71104e3a85 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -37791,7 +37791,7 @@ CVE-2020-1954 (Apache CXF has the ability to integrate with JMX by registering a NOT-FOR-US: Apache CXF CVE-2020-1953 (Apache Commons Configuration uses a third-party library to parse YAML ...) - commons-configuration2 2.7-1 (bug #954713) - [buster] - commons-configuration2 <no-dsa> (Minor issue, will be fixed via spu) + [buster] - commons-configuration2 2.2-1+deb10u1 NOTE: https://www.openwall.com/lists/oss-security/2020/03/13/1 CVE-2020-1952 (An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. W ...) NOT-FOR-US: Apache IoTDB diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 1e6ccf08aa..9865d3cef1 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -1,5 +1,3 @@ -CVE-2020-1953 - [buster] - commons-configuration2 2.2-1+deb10u1 CVE-2019-20907 [buster] - python3.7 3.7.3-2+deb10u2 CVE-2020-14422 |