[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-1678{5,6}/waitress

Tue, 24 Dec 2019 01:47:29 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
46e23334 by Salvatore Bonaccorso at 2019-12-24T09:45:09Z
Add Debian bug reference for CVE-2019-1678{5,6}/waitress

- - - - -
222563e7 by Salvatore Bonaccorso at 2019-12-24T09:45:46Z
Remove reference to (unfortunately) not-stable URLs

Crosschecked with the GHSA advisories it seems that enough detail
information is provided there as well, so we can drop the urls to the
changes which are floating and not anchored to the details :(

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15742,18 +15742,16 @@ CVE-2019-16789
 CVE-2019-16788
        RESERVED
 CVE-2019-16786 (Waitress through version 1.3.1 would parse the 
Transfer-Encoding heade ...)
-       - waitress <unfixed>
+       - waitress <unfixed> (bug #947306)
        [buster] - waitress <no-dsa> (Minor issue)
        [stretch] - waitress <no-dsa> (Minor issue)
        NOTE: 
https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
-       NOTE: 
https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
        NOTE: 
https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
 CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the 
RFC7230 ...)
-       - waitress <unfixed>
+       - waitress <unfixed> (bug #947306)
        [buster] - waitress <no-dsa> (Minor issue)
        [stretch] - waitress <no-dsa> (Minor issue)
        NOTE: 
https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
-       NOTE: 
https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
        NOTE: 
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba
 
 CVE-2019-16784
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to