Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
425c7d5a by Moritz Muehlenhoff at 2019-10-25T17:16:21Z
new ATS issue, might be dupe of existing ATS/HTTP2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25029,7 +25029,9 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very
early pushes, for example co
CVE-2019-10080
RESERVED
CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood
attacks. E ...)
- TODO: check
+ - trafficserver 8.0.5+ds-1
+ NOTE: The reference listed is for Tomcat, hard to tell what this is
about
+ NOTE: Pinged MITRE for fixing the reference
CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an
XSS vulner ...)
- jspwiki <removed>
CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS
vulnerability ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/425c7d5ad22b9c28c705c5d072b4b3ef4e415742
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/425c7d5ad22b9c28c705c5d072b4b3ef4e415742
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
