Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a36c339e by Thorsten Alteholz at 2019-03-24T19:28:45Z
mark CVE-2019-9904 as no-dsa for Jessie
- - - - -
1078576f by Thorsten Alteholz at 2019-03-24T19:29:41Z
mark CVE-2019-7635 as no-dsa for Jessie
- - - - -
f038df09 by Thorsten Alteholz at 2019-03-24T19:30:18Z
mark CVE-2018-19872 as no-dsa for Jessie
- - - - -
5caef7cf by Thorsten Alteholz at 2019-03-24T19:31:09Z
mark CVE-2018-7635 as no-dsa for Jessie in sdl-image1.2
- - - - -
0da74d30 by Thorsten Alteholz at 2019-03-24T19:32:01Z
mark CVE-2019-9936 and CVE-2019-9937 as no-dsa for Jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90,10 +90,12 @@ CVE-2019-9938 (The SHAREit application before 4.0.42 for
Android allows a remote
CVE-2019-9937 (In SQLite 3.27.2, interleaving reads and writes in a single
transactio ...)
- sqlite3 3.27.2-2 (low; bug #925290)
[stretch] - sqlite3 <no-dsa> (Minor issue)
+ [jessie] - sqlite3 <no-dsa> (Minor issue)
NOTE: https://sqlite.org/src/info/45c73deb440496e8
CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix queries inside a
transaction cou ...)
- sqlite3 3.27.2-2 (low; bug #925289)
[stretch] - sqlite3 <no-dsa> (Minor issue)
+ [jessie] - sqlite3 <no-dsa> (Minor issue)
NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
CVE-2019-9935
RESERVED
@@ -167,6 +169,7 @@ CVE-2019-9905
CVE-2019-9904 (An issue was discovered in lib\cdt\dttree.c in libcdt.a in
graphviz 2. ...)
- graphviz <unfixed> (low; bug #925284)
[stretch] - graphviz <no-dsa> (Minor issue)
+ [jessie] - graphviz <no-dsa> (Minor issue)
NOTE: https://gitlab.com/graphviz/graphviz/issues/1512
CVE-2019-9903 (PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles
dict mark ...)
- poppler <unfixed> (bug #925264)
@@ -6206,8 +6209,10 @@ CVE-2019-7635 (SDL (Simple DirectMedia Layer) through
1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
- libsdl2-image <unfixed>
[stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [jessie] - libsdl2-image <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498
NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-2)
NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-1.2)
@@ -22237,6 +22242,7 @@ CVE-2018-19873 (An issue was discovered in Qt before
5.11.3. QBmpHandler has a b
CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image
causes a div ...)
- qtbase-opensource-src 5.11.2+dfsg-3 (low)
[stretch] - qtbase-opensource-src <no-dsa> (Minor issue)
+ [jessie] - qtbase-opensource-src <no-dsa> (Minor issue)
NOTE: https://bugreports.qt.io/browse/QTBUG-69449
TODO: check if affects qt4-x11 as well
CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile
Uncontr ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/a6535fc48832900aa47276c154f568b12f646391...0da74d30b132cd3b080b6d9656ea0e9242842c83
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/a6535fc48832900aa47276c154f568b12f646391...0da74d30b132cd3b080b6d9656ea0e9242842c83
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
