Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c1784d54 by Sylvain Beucler at 2019-04-10T09:54:14Z
spip 3.0 not affected in Jessie
- - - - -
23039f27 by Sylvain Beucler at 2019-04-10T10:52:01Z
graphviz/CVE-2019-11023: minor
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,6 +4,7 @@ CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an
insecure HTTP URL to do
TODO: check
CVE-2019-XXXX [arbitrary code execution by any identified visitor]
- spip 3.2.4-1 (bug #926764)
+ [jessie] - spip <not-affected> (SPIP 3.0 and earlier are not affected)
NOTE:
https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html?lang=fr
CVE-2019-11064
RESERVED
@@ -93,7 +94,9 @@ CVE-2019-11024 (The load_pnm function in frompnm.c in
libsixel.a in libsixel 1.8
TODO: check
CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in
Graphviz 2.39. ...)
- graphviz <unfixed> (bug #926724)
+ [jessie] - graphviz <postponed> (Minor issue; clean crash / DoS)
NOTE: https://gitlab.com/graphviz/graphviz/issues/1517
+ NOTE:
https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932
CVE-2019-11022
RESERVED
CVE-2019-11021
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/249cc36d3bc345b11c0cee951a6ddd7a0aa4379c...23039f274f5c088e5541521713feae3334442d69
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/249cc36d3bc345b11c0cee951a6ddd7a0aa4379c...23039f274f5c088e5541521713feae3334442d69
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
