diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-31 09:47:58 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-31 09:47:58 +0200 |
commit | 62004af88abf9ea0ac9119efa4bccd2b60e0f640 (patch) | |
tree | b4d23f51e17e54688d7b54d9f4e260b39eab8e06 | |
parent | edcea2c9d566aa6f5b6c276de9f50c9a8fa70c35 (diff) |
CVE-2020-1746/ansible fixed in unstable via 2.9.7 upload
-rw-r--r-- | data/CVE/list.2020 | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 896270c755..08569116d7 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -26795,11 +26795,12 @@ CVE-2020-1747 (A vulnerability was discovered in the PyYAML library in versions [jessie] - pyyaml <not-affected> (Loader/Constructor classes are unsafe in this version) NOTE: https://github.com/yaml/pyyaml/pull/386 CVE-2020-1746 (A flaw was found in the Ansible Engine affecting Ansible Engine versio ...) - - ansible <unfixed> + - ansible 2.9.7+dfsg-1 [stretch] - ansible <not-affected> (Vulnerable code introduced later) [jessie] - ansible <not-affected> (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1805491 NOTE: https://github.com/ansible/ansible/pull/67866 + NOTE: Fixed by: https://github.com/ansible/ansible/commit/d41e38435b1a9e300d8011ac28f16a5add2db119 (v2.9.7) CVE-2020-1745 (A file inclusion vulnerability was found in the AJP connector enabled ...) - undertow 2.0.30-1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1807305 |