[Git][security-tracker-team/security-tracker][master] Triage CVE-2019-20372 in nginx for jessie LTS.

Chris Lamb Fri, 10 Jan 2020 10:12:08 -0800


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker



Commits:
391438c0 by Chris Lamb at 2020-01-10T18:11:02+00:00
Triage CVE-2019-20372 in nginx for jessie LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40,6 +40,7 @@ CVE-2019-20372 (NGINX before 1.17.7, with certain error_page 
configurations, all
        - nginx <unfixed> (low; bug #948579)
        [buster] - nginx <no-dsa> (Minor issue)
        [stretch] - nginx <no-dsa> (Minor issue)
+       [jessie] - nginx <no-dsa> (Minor issue)
        NOTE: 
https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf
        NOTE: 
https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e
 CVE-2019-20373 (LTSP LDM through 2.18.06 allows fat-client root access because 
the LDM ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/391438c0e4d4bd79e290eac658521a3f8447a8db

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/391438c0e4d4bd79e290eac658521a3f8447a8db
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Triage CVE-2019-20372 in nginx for jessie LTS.

Reply via email to