Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
687aaa22 by Moritz Muehlenhoff at 2019-08-22T06:28:28Z
pump removed
libzstd n/a for oldstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1935,7 +1935,7 @@ CVE-2019-14654 (In Joomla! 3.9.7 and 3.9.8, inadequate
filtering allows users au
CVE-2018-20954 (The "Security and Privacy" Encryption feature in Mailpile
before 1.0.0 ...)
NOT-FOR-US: Mailpile
CVE-2019-XXXX [Buffer overflow during processing of large server replies]
- - pump <unfixed> (bug #933674)
+ - pump <removed> (bug #933674)
CVE-2019-14653 (pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR
or SUP e ...)
NOT-FOR-US: pandao Editor.md
CVE-2019-14652
@@ -10407,6 +10407,7 @@ CVE-2019-11923
RESERVED
CVE-2019-11922 (A race condition in the one-pass compression functions of
Zstandard pr ...)
- libzstd 1.3.8+dfsg-2
+ [stretch] - libzstd <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/facebook/zstd/commit/3e5cdf1b6a85843e991d7d10f6a2567c15580da0
CVE-2019-11921 (An out of bounds write is possible via a specially crafted
packet in c ...)
NOT-FOR-US: Proxygen
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/687aaa22994a5d13c34cac66ac213da0bb6a6dd5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/687aaa22994a5d13c34cac66ac213da0bb6a6dd5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
