Andrej Shadura pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9f2402b5 by Andrej Shadura at 2019-01-15T13:44:15Z
CVE-2019-5885: improve the description according to the actual problem fixed in
the package
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -906,7 +906,7 @@ CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. In
the UnlinkDir method
NOT-FOR-US: ShopXO
CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the ...)
NOT-FOR-US: ShopXO
-CVE-2019-5885 [Synapse: Blindly trusts macaroon_secret_key in the config,
which may not be a valid macaroon]
+CVE-2019-5885 [Synapse: Derives macaroon_secret_key in a predictable way if
none is specified]
RESERVED
- matrix-synapse 0.34.1.1-1
NOTE:
https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f2402b5a2f98cf20ec3920ae7c0bb3fce888c45
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9f2402b5a2f98cf20ec3920ae7c0bb3fce888c45
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
