Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ddddfcfd by Salvatore Bonaccorso at 2019-07-11T19:40:25Z
Add Debian bug reference for CVE-2019-1322{4,5}/libonig
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -642,12 +642,12 @@ CVE-2019-13233 (In arch/x86/lib/insn-eval.c in the Linux
kernel before 5.1.9, th
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
NOTE: Fixed by:
https://git.kernel.org/linus/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
CVE-2019-13225 (A NULL Pointer Dereference in match_at() in regexec.c in
Oniguruma 6.9 ...)
- - libonig <unfixed> (low)
+ - libonig <unfixed> (low; bug #931878)
[buster] - libonig <no-dsa> (Minor issue)
[stretch] - libonig <no-dsa> (Minor issue)
NOTE:
https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c
CVE-2019-13224 (A use-after-free in onig_new_deluxe() in regext.c in Oniguruma
6.9.2 a ...)
- - libonig <unfixed> (low)
+ - libonig <unfixed> (low; bug #931878)
[buster] - libonig <no-dsa> (Minor issue)
[stretch] - libonig <no-dsa> (Minor issue)
NOTE:
https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ddddfcfdff94c717a27633f52ce59cd3cc6c0308
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ddddfcfdff94c717a27633f52ce59cd3cc6c0308
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
