Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3a2e1538 by Salvatore Bonaccorso at 2019-11-24T08:16:28Z
Add CVE-2019-11745/nss
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24920,8 +24920,12 @@ CVE-2019-11746 (A use-after-free vulnerability can
occur while manipulating vide
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11746
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11746
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11746
-CVE-2019-11745
+CVE-2019-11745 [Out-of-bounds write when passing an output buffer smaller than
the block size to NSC_EncryptUpdate]
RESERVED
+ - nss <unfixed>
+ NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1586176 (not public)
+ NOTE: Upstream patch:
https://hg.mozilla.org/releases/mozilla-esr68/rev/ea1bc0fb2dda
+ NOTE: Fixed in 3.44.3 and 3.47.1 upstream.
CVE-2019-11744 (Some HTML elements, such as &lt;title&gt; and
&lt;textarea ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a2e1538e551e525d0ff904b446d66cc950d7991
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3a2e1538e551e525d0ff904b446d66cc950d7991
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
