David Prévot pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fe08ae47 by David Prévot at 2019-03-23T20:16:32Z
CVE-2019-9942/twig fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,7 +28,7 @@ CVE-2016-10743 (hostapd before 2.6 does not prevent use of
the low-quality PRNG
TODO: check
CVE-2019-9942 (A sandbox information disclosure exists in Twig before 1.38.0
and 2.x ...)
[experimental] - twig 2.7.1-1
- - twig <unfixed>
+ - twig 2.6.2-2
NOTE:
https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077
NOTE: https://symfony.com/blog/twig-sandbox-information-disclosure
CVE-2019-9941
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe08ae47ec5935fae3cc65e381d074a4a4056397
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe08ae47ec5935fae3cc65e381d074a4a4056397
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
