Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ae6e69b8 by Salvatore Bonaccorso at 2019-06-02T14:17:18Z
Mark CVE-2019-3885 as not-affected for stretch
Issue introduced in 1.1.18 upstream unless respective patches
backported, which is not the case for Debian stretch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21578,6 +21578,7 @@ CVE-2019-3886 (An incorrect permissions check was
discovered in libvirt 4.8.0 an
NOTE: Fixed by:
https://libvirt.org/git/?p=libvirt.git;a=commit;h=ae076bb40e0e150aef41361b64001138d04d6c60
CVE-2019-3885 (A use-after-free flaw was found in pacemaker up to and
including versi ...)
- pacemaker 2.0.1-3 (bug #927714)
+ [stretch] - pacemaker <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749 (master)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1750 (1.1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae6e69b8ebc1f90c2c1d1a0e494d361b153623db
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae6e69b8ebc1f90c2c1d1a0e494d361b153623db
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
