Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d45b1b3 by Moritz Muehlenhoff at 2019-02-11T17:31:45Z
lxc unimportant
ffmpeg bug
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -928,7 +928,7 @@ CVE-2019-1000019 (libarchive version commit
bf9aec176c6748f0ee7a678c5f9f9555b9a7
CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an
Incorrect ...)
NOT-FOR-US: Chamilo Chamilo-lms
CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation
of Array ...)
- - ffmpeg <unfixed>
+ - ffmpeg <unfixed> (low; bug #922066)
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f
CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a
Cross Site ...)
@@ -4918,10 +4918,11 @@ CVE-2018-20678
CVE-2019-5736 [runc container breakout]
RESERVED
- runc <unfixed> (bug #922050)
- - lxc <unfixed>
+ - lxc <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2019/02/11/2
NOTE: runc: Fixed by:
https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
NOTE: lxc: Fixed by
https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
+ NOTE: Not considered a security issue by LXC upstream
CVE-2019-5735
RESERVED
CVE-2019-5734
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d45b1b37f992d019bf63cddc78251bd20838154
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d45b1b37f992d019bf63cddc78251bd20838154
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
