Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f161de74 by Salvatore Bonaccorso at 2019-07-30T06:21:52Z
Add CVE-2019-3881/bundler
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27832,8 +27832,12 @@ CVE-2019-3882 (A flaw was found in the Linux kernel's
vfio interface implementat
NOTE:
https://lore.kernel.org/lkml/[email protected]/T/#u
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1689426
NOTE: Fixed by:
https://git.kernel.org/linus/492855939bdb59c6f947b0b5b44af9ad82b7e38c
-CVE-2019-3881
+CVE-2019-3881 [tmp_home_path insecure]
RESERVED
+ - bundler 1.16.1-2 (bug #881749; bug #796383)
+ NOTE: Upstream issue: https://github.com/bundler/bundler/issues/6501
+ NOTE:
https://salsa.debian.org/ruby-team/bundler/blob/debian/1.16.1-2/debian/patches/0006-Don-t-use-insecure-temporary-directory-as-home-direc.patch
+ NOTE:
https://salsa.debian.org/ruby-team/bundler/blob/debian/1.16.1-2/debian/patches/0007-Remove-temporary-home-directories.patch
CVE-2019-3880 (A flaw was found in the way samba implemented an RPC endpoint
emulatin ...)
{DSA-4427-1 DLA-1754-1}
- samba 2:4.9.5+dfsg-3
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f161de7483818abbbe0004bfca1cb9bb84a74da8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f161de7483818abbbe0004bfca1cb9bb84a74da8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
