[Git][security-tracker-team/security-tracker][master] Track fixing version for tika update via unstable and four open CVEs

Tue, 22 Jan 2019 03:05:24 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1ae8b9b0 by Salvatore Bonaccorso at 2019-01-22T11:04:24Z
Track fixing version for tika update via unstable and four open CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22574,7 +22574,7 @@ CVE-2018-17198
        RESERVED
        NOT-FOR-US: Apache Roller
 CVE-2018-17197 (A carefully crafted or corrupt sqlite file can cause an 
infinite loop ...)
-       - tika <unfixed>
+       - tika 1.20-1
        [jessie] - tika <not-affected> (Only affects 1.8 to 1.19.1)
        NOTE: https://www.openwall.com/lists/oss-security/2018/12/22/2
 CVE-2018-17196
@@ -36681,11 +36681,11 @@ CVE-2018-11763 (In Apache HTTP Server 2.4.17 to 
2.4.34, by sending continuous, l
        NOTE: HTTP/2 support introduced in 2.4.17
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-11763
 CVE-2018-11762 (In Apache Tika 0.9 to 1.18, in a rare edge case where a user 
does not ...)
-       - tika <unfixed>
+       - tika 1.20-1
        [jessie] - tika <ignored> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/5
 CVE-2018-11761 (In Apache Tika 0.1 to 1.18, the XML parsers were not 
configured to ...)
-       - tika <unfixed>
+       - tika 1.20-1
        [jessie] - tika <ignored> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/4
        NOTE: When fixing this issue the fix needs to be made complete to not 
open
@@ -46532,7 +46532,7 @@ CVE-2018-8019 (When using an OCSP responder Apache 
Tomcat Native 1.2.0 to 1.2.16
 CVE-2018-8018 (In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the 
serialization  ...)
        NOT-FOR-US: Apache Ignite
 CVE-2018-8017 (In Apache Tika 1.2 to 1.18, a carefully crafted file can 
trigger an ...)
-       - tika <unfixed> (bug #914643)
+       - tika 1.20-1 (bug #914643)
        [jessie] - tika <ignored> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2018/09/19/6
 CVE-2018-8016 (The default configuration in Apache Cassandra 3.8 through 
3.11.1 binds ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ae8b9b0f61efd0313f1a62e56f97a2d25fdb20e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ae8b9b0f61efd0313f1a62e56f97a2d25fdb20e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to