Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 337cad47 by Salvatore Bonaccorso at 2020-02-11T21:13:58+01:00 CVE-2013-6499 got rejected by it's assigning CNA as report bogus - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -266106,14 +266106,8 @@ CVE-2013-6501 (The default soap.wsdl_cache_dir setting in (1) php.ini-production NOTE: Rendererd unexpoitable by kernel level hardening for tmp races CVE-2013-6500 REJECTED -CVE-2013-6499 [loading a module relative to the cwd] - REJECTED - - libmp3-info-perl <unfixed> (bug #777230; unimportant) - [jessie] - libmp3-info-perl <no-dsa> (Minor issue) - [wheezy] - libmp3-info-perl <no-dsa> (Minor issue) - [squeeze] - libmp3-info-perl <no-dsa> (Minor issue) - NOTE: Marked as unimportant at least for unstable, since the issue is mitigated - NOTE: by src:perl not having '.' in INC since 5.22.2-4 by default. +CVE-2013-6499 + REJECTED CVE-2013-6498 RESERVED CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows remote ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/337cad47e31afa3b8cf3f279bdc45789b306be98 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/337cad47e31afa3b8cf3f279bdc45789b306be98 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits