Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f1f984cb by Sylvain Beucler at 2019-10-01T15:25:15Z
CVE-2019-16370,CVE-2019-15052/gradle: jessie postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1702,6 +1702,7 @@ CVE-2019-16371 (LogMeIn LastPass before 4.33.0 allows
attackers to construct a c
NOT-FOR-US: LogMeIn LastPass
CVE-2019-16370 (The PGP signing plugin in Gradle before 6.0 relies on the
SHA-1 algori ...)
- gradle <unfixed> (low; bug #941186)
+ [jessie] - gradle <postponed> (Minor issue, old gradle mainly used for
building Debian packages with apt signatures)
NOTE:
https://github.com/gradle/gradle/commit/425b2b7a50cd84106a77cdf1ab665c89c6b14d2f
CVE-2019-16369
RESERVED
@@ -5570,6 +5571,7 @@ CVE-2019-15053 (The "HTML Include and replace macro"
plugin before 1.5.0 for Con
NOT-FOR-US: "HTML Include and replace macro" plugin for Confluence
Server
CVE-2019-15052 (The HTTP client in Gradle before 5.6 sends authentication
credentials ...)
- gradle <unfixed> (low; bug #941187)
+ [jessie] - gradle <postponed> (Minor issue, old gradle mainly used for
building Debian packages with system libraries)
NOTE: https://github.com/gradle/gradle/issues/10278
NOTE: https://github.com/gradle/gradle/pull/10176
NOTE:
https://github.com/gradle/gradle/security/advisories/GHSA-4cwg-f7qc-6r95
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1f984cb151103d3493ccdedba659ea0ad1b88fb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1f984cb151103d3493ccdedba659ea0ad1b88fb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
