Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ea0ef2a by Salvatore Bonaccorso at 2019-03-02T08:14:27Z
Mark CVE-2019-5747/busybox as not-affected
The incomplete fix reached unstable but did not transition to buster
withouth the followup fix (yet) and a further busybox upload will
include the required additional fix before transition to buster.
- - - - -
bd417873 by Salvatore Bonaccorso at 2019-03-02T09:21:49Z
Add fixed version for followup to busybox (CVE-2019-5747)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8975,7 +8975,8 @@ CVE-2019-5749
CVE-2019-5748 (In Traccar Server version 4.2,
protocol/SpotProtocolDecoder.java might ...)
NOT-FOR-US: Traccar Server
CVE-2019-5747 (An issue was discovered in BusyBox through 1.30.0. An out of
bounds ...)
- - busybox <unfixed>
+ - busybox 1:1.30.1-2
+ [buster] - busxybox <not-affected> (Incomplete fix for CVE-2018-20679
did not reach buster)
[stretch] - busybox <not-affected> (Incomplete fix for CVE-2018-20679
not applied)
[jessie] - busybox <not-affected> (Incomplete fix for CVE-2018-20679
not applied)
NOTE: https://bugs.busybox.net/show_bug.cgi?id=11506
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/4549f3a162b20fdb8cf1f15dc8e7ae1ee52eb5b0...bd41787337686cc152d28446bb67074617b7af78
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/4549f3a162b20fdb8cf1f15dc8e7ae1ee52eb5b0...bd41787337686cc152d28446bb67074617b7af78
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
