Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
851f04f3 by Markus Koschany at 2019-07-06T16:21:25Z
CVE-2019-7165,CVE-2019-12594,dosbox: Link to fixing commits.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1913,6 +1913,8 @@ CVE-2019-12594 (DOSBox 0.74-2 has Incorrect Access
Control. ...)
- dosbox <unfixed> (bug #931222)
NOTE: Fixed in 0.74-3 upstream.
NOTE: https://github.com/Alexandre-Bartel/CVE-2019-12594
+ NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
+ NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/4246/
CVE-2019-12593 (IceWarp Mail Server through 10.4.4 is prone to a local file
inclusion ...)
NOT-FOR-US: IceWarp Mail Server
CVE-2019-12592 (A universal Cross-site scripting (UXSS) vulnerability in the
Evernote ...)
@@ -16545,6 +16547,8 @@ CVE-2019-7166
CVE-2019-7165 (A buffer overflow in DOSBox 0.74-2 allows attackers to execute
arbitra ...)
- dosbox <unfixed> (bug #931222)
NOTE: Fixed in 0.74-3 upstream.
+ NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
+ NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/3925/
CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL
Injecti ...)
{DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f04f376302adf93dec320f1091a7f7369b372
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f04f376302adf93dec320f1091a7f7369b372
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
