Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a6a9636f by Salvatore Bonaccorso at 2018-11-18T20:31:23Z
CVE-2018-1935{1,2}/jupyter-notebook
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,9 +13,11 @@ CVE-2018-19354
CVE-2018-19353 (The ansilove_ansi function in loaders/ansi.c in libansilove
1.0.0 ...)
NOT-FOR-US: libansilove
CVE-2018-19352 (Jupyter Notebook before 5.7.2 allows XSS via a crafted
directory name ...)
- TODO: check
+ - jupyter-notebook <unfixed>
+ NOTE:
https://github.com/jupyter/notebook/commit/288b73e1edbf527740e273fcc69b889460871648
CVE-2018-19351 (Jupyter Notebook before 5.7.1 allows XSS via an untrusted
notebook ...)
- TODO: check
+ - jupyter-notebook <unfixed>
+ NOTE:
https://github.com/jupyter/notebook/commit/107a89fce5f413fb5728c1c5d2c7788e1fb17491
CVE-2008-7320 (** DISPUTED ** GNOME Seahorse through 3.30 allows physically
proximate ...)
- seahorse <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/189774
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6a9636f6073b84f19f3abca09f40ecb90fc8ee3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a6a9636f6073b84f19f3abca09f40ecb90fc8ee3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
