Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af5eda4c by Salvatore Bonaccorso at 2019-07-10T20:31:33Z
Add CVE-2019-13240/glpi
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -548,7 +548,10 @@ CVE-2019-13241 (FlightCrew v0.9.2 and older are vulnerable
to a directory traver
- flightcrew <unfixed>
NOTE: https://github.com/Sigil-Ebook/flightcrew/issues/52
CVE-2019-13240 (An issue was discovered in GLPI before 9.4.1. After a
successful passw ...)
- TODO: check
+ - glpi <removed> (unimportant)
+ NOTE:
https://github.com/glpi-project/glpi/commit/5da9f99b2d81713b1e36016b47ce656a33648bc7
+ NOTE:
https://github.com/glpi-project/glpi/commit/86a43ae47b3dd844947f40a2ffcf1a36e53dbba6
+ NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-13239 (inc/user.class.php in GLPI before 9.4.3 allows XSS via a user
picture. ...)
- glpi <removed> (unimportant)
NOTE:
https://github.com/glpi-project/glpi/commit/c2aa7a7cd6af28be3809acc7e7842d2d2008c0fb
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/af5eda4c0c96cf17db5b341625d634e14fcea6f3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/af5eda4c0c96cf17db5b341625d634e14fcea6f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
