[Git][security-tracker-team/security-tracker][master] stretch triage

Wed, 12 Dec 2018 13:02:30 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f6871666 by Moritz Muehlenhoff at 2018-12-12T21:01:32Z
stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,6 +42,7 @@ CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. 
There is a path trave
        TODO: check
 CVE-2018-XXXX [response discrepancy information exposure]
        - mini-httpd <unfixed> (bug #916190)
+       [stretch] - mini-httpd <no-dsa> (Minor issue)
        NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2018-01.md
 CVE-2018-20093
        RESERVED
@@ -111,6 +112,7 @@ CVE-2018-20061 (A SQL injection issue was discovered in 
ERPNext 10.x and 11.x th
        NOT-FOR-US: Frappe ERPNext
 CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization 
HTTP ...)
        - python-urllib3 1.24-1
+       [stretch] - python-urllib3 <no-dsa> (Minor issue)
        NOTE: https://github.com/urllib3/urllib3/issues/1316
        NOTE: https://github.com/urllib3/urllib3/pull/1346
        NOTE: 
https://github.com/urllib3/urllib3/commit/3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c
@@ -5792,6 +5794,7 @@ CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer 
over-read exists in the .
 CVE-2018-19516
        RESERVED
        - kf5-messagelib <unfixed> (bug #915039)
+       [stretch] - kf5-messagelib <no-dsa> (Minor issue)
        NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt
        NOTE: 
https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612
 CVE-2018-19515



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to