Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
69dbbb36 by Salvatore Bonaccorso at 2019-05-01T12:29:41Z
Add CVE-2019-7306/byobu
Thanks: Sander Bos for the heads-up on the CVE
- - - - -
d72abad1 by Salvatore Bonaccorso at 2019-05-01T12:31:21Z
Mark CVE-2019-7306/byobu as unimportant as non-issue for Debian
The issue is present in the Apport hook, and Apport is not present in
Debian.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11336,8 +11336,12 @@ CVE-2019-7308 (kernel/bpf/verifier.c in the Linux
kernel before 4.20.6 performs
NOTE: Fixed by:
https://git.kernel.org/linus/d3bd7413e0ca40b60cf60d4003246d067cafdeda
CVE-2019-7307
RESERVED
-CVE-2019-7306
+CVE-2019-7306 [Apport hook may expose sensitive information]
RESERVED
+ - byobu <unfixed> (unimportant)
+ NOTE: https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202
+ NOTE: Issue in /usr/share/apport/package-hooks/source_byobu.py hook,
+ NOTE: non-issue in Debian as Apport not present.
CVE-2019-7305 [extplorer exposes /usr and /etc/extplorer over HTTP]
RESERVED
- extplorer <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/62dc2699ca7224c9cee5a90bc25f8ea86a2fb4e7...d72abad172af75dd74802d3ca604154fa6df7f0d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/62dc2699ca7224c9cee5a90bc25f8ea86a2fb4e7...d72abad172af75dd74802d3ca604154fa6df7f0d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
