Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
70393f1f by Moritz Muehlenhoff at 2019-10-28T16:34:37Z
additional ATS HTTP/2 issue has been clarified
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25158,8 +25158,7 @@ CVE-2019-10080
RESERVED
CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood
attacks. E ...)
- trafficserver 8.0.5+ds-1
- NOTE: The reference listed is for Tomcat, hard to tell what this is
about
- NOTE: Pinged MITRE for fixing the reference
+ NOTE:
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an
XSS vulner ...)
- jspwiki <removed>
CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS
vulnerability ...)
=====================================
data/DSA/list
=====================================
@@ -116,7 +116,7 @@
{CVE-2019-13139 CVE-2019-13509 CVE-2019-14271}
[buster] - docker.io 18.09.1+dfsg1-7.1+deb10u1
[09 Sep 2019] DSA-4520-1 trafficserver - security update
- {CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518}
+ {CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518 CVE-2019-10079}
[buster] - trafficserver 8.0.2+ds-1+deb10u1
[08 Sep 2019] DSA-4519-1 libreoffice - security update
{CVE-2019-9854}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70393f1faeaae14fdb1305e75edf65be1c2d5a2a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70393f1faeaae14fdb1305e75edf65be1c2d5a2a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
