AVG-1282 log
| Package | swtpm |
| Status | Fixed |
| Severity | Medium |
| Type | privilege escalation |
| Affected | 0.5.0-2 |
| Fixed | 0.5.1-1 |
| Current | 0.10.1-1 [extra] |
| Ticket | None |
| Created | Wed Nov 18 20:40:47 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-28407 | Medium | No | Privilege escalation | A potential symbolic link following issue has been found in swtpm before 0.5.1. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 19 Nov 2020 | ASA-202011-21 | swtpm | privilege escalation |
| References |
|---|
https://github.com/stefanberger/swtpm/compare/v0.5.0...v0.5.1 |