diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-03 21:29:55 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-03 21:29:55 +0100 |
| commit | a3f77c8510aeccb259f2b5db1e1abec789125435 (patch) | |
| tree | 39bb06ecf8dba9b26148df791190295ef3bcceba | |
| parent | b0fffe3583c46fbff4bf56e5f3d360dc02f13732 (diff) | |
CVE-2020-28498/node-elliptic fixed in unstable
| -rw-r--r-- | data/CVE/list.2020 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 9fff9c90ac..39df7d1a57 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -5452,7 +5452,7 @@ CVE-2020-28500 (All versions of package lodash; all versions of package org.fuji CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollution vi ...) NOTE: Only bogus references listed, unclear what this is about CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...) - - node-elliptic <unfixed> + - node-elliptic 6.5.4~dfsg-1 NOTE: https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f NOTE: https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md CVE-2020-28497 |