Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e9b4757 by Salvatore Bonaccorso at 2020-02-13T07:23:09+01:00
Track fixed version for some linux CVEs via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1370,7 +1370,7 @@ CVE-2020-8317
CVE-2020-8316
RESERVED
CVE-2020-8428 (fs/namei.c in the Linux kernel before 5.5 has a
may_create_in_sticky u ...)
- - linux <unfixed>
+ - linux 5.4.19-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by:
https://git.kernel.org/linus/d0cb50185ae942b03c4327be322055d622dc79f6
CVE-2020-8315 (In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and
3.8 thr ...)
@@ -18894,7 +18894,7 @@ CVE-2019-19047 (A memory leak in the
mlx5_fw_fatal_reporter_dump() function in d
[jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE:
https://git.kernel.org/linus/c7ed6d0183d5ea9bc31bcaeeba4070bd62546471
CVE-2019-19046 (** DISPUTED ** A memory leak in the __ipmi_bmc_register()
function in ...)
- - linux <unfixed> (unimportant)
+ - linux 5.4.19-1 (unimportant)
NOTE: Only a memory leak on the probe path
CVE-2019-19045 (A memory leak in the mlx5_fpga_conn_create_cq() function in
drivers/ne ...)
- linux 5.3.15-1
@@ -18909,7 +18909,7 @@ CVE-2019-19044 (Two memory leaks in the
v3d_submit_cl_ioctl() function in driver
[jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE:
https://git.kernel.org/linus/29cd13cfd7624726d9e6becbae9aa419ef35af7f
CVE-2019-19043 (A memory leak in the i40e_setup_macvlans() function in
drivers/net/eth ...)
- - linux <unfixed>
+ - linux 5.4.19-1
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -33752,13 +33752,13 @@ CVE-2019-14898 [RHEL-7 specific incompete fix issue
for CVE-2019-11599]
- linux <not-affected> (RHEL-7 specific incomplete fix for
CVE-2019-11599)
CVE-2019-14897 (A stack-based buffer overflow was found in the Linux kernel,
version k ...)
{DLA-2068-1}
- - linux <unfixed>
+ - linux 5.4.19-1
[buster] - linux 4.19.98-1
[stretch] - linux 4.9.210-1
NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
CVE-2019-14896 (A heap-based buffer overflow vulnerability was found in the
Linux kern ...)
{DLA-2068-1}
- - linux <unfixed>
+ - linux 5.4.19-1
[buster] - linux 4.19.98-1
[stretch] - linux 4.9.210-1
NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
@@ -69297,7 +69297,7 @@ CVE-2019-3017 (Vulnerability in the Oracle VM
VirtualBox product of Oracle Virtu
- virtualbox 6.0.14-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3016 (In a Linux KVM guest that has PV TLB enabled, a process in the
guest k ...)
- - linux <unfixed>
+ - linux 5.4.19-1
CVE-2019-3015 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
NOT-FOR-US: Oracle
CVE-2019-3014 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e9b475738af5f04c209c61d217238d5d8274f6b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e9b475738af5f04c209c61d217238d5d8274f6b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
