[Git][security-tracker-team/security-tracker][master] 4 commits: Process NFUs

Thu, 31 Oct 2019 07:44:23 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc46e1d2 by Salvatore Bonaccorso at 2019-10-31T14:40:52Z
Process NFUs

- - - - -
32e452da by Salvatore Bonaccorso at 2019-10-31T14:41:32Z
Add CVE-2018-21029/systemd

- - - - -
1c122e9a by Salvatore Bonaccorso at 2019-10-31T14:41:47Z
Add CVE-2019-15682/rdesktop

- - - - -
5c93b02c by Salvatore Bonaccorso at 2019-10-31T14:42:21Z
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,7 +47,11 @@ CVE-2019-18627
 CVE-2019-18626
        RESERVED
 CVE-2018-21029 (systemd 239 through 243 accepts any certificate signed by a 
trusted ce ...)
-       TODO: check
+       - systemd <unfixed>
+       [buster] - systemd <no-dsa> (Minor issue; systemd-resolved not enabled 
by default)
+       [stretch] - systemd <not-affected> (Vulnerable code introduced later)
+       [jessie] - systemd <not-affected> (Vulnerable code introduced later)
+       NOTE: https://github.com/systemd/systemd/issues/9397
 CVE-2019-18625
        RESERVED
 CVE-2019-18624 (Opera Mini for Android allows attackers to bypass intended 
restriction ...)
@@ -8644,7 +8648,9 @@ CVE-2019-15684
 CVE-2019-15683 (TurboVNC server code contains stack buffer overflow 
vulnerability in c ...)
        TODO: check
 CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access 
read vuln ...)
-       TODO: check
+       - rdesktop 1.8.6-1
+       [stretch] - rdesktop 1.8.6-2~deb9u1
+       NOTE: 
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/
 CVE-2019-15681 (LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a 
contains ...)
        {DLA-1979-1 DLA-1977-1}
        - libvncserver <unfixed> (bug #943793)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf...5c93b02cc5d81e0dd0bea5e0ce299b34f4ed7307

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf...5c93b02cc5d81e0dd0bea5e0ce299b34f4ed7307
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to