[Git][security-tracker-team/security-tracker][master] 3 commits: Track fixed version for CVE-2019-14862/node-knockout

Thu, 26 Mar 2020 04:54:16 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4d1b88ad by Salvatore Bonaccorso at 2020-03-26T12:50:45+01:00
Track fixed version for CVE-2019-14862/node-knockout

- - - - -
93db7dfa by Salvatore Bonaccorso at 2020-03-26T12:51:31+01:00
Track proposed update for CVE-2019-14862/node-knockout via buster-pu

- - - - -
952d34f1 by Salvatore Bonaccorso at 2020-03-26T12:52:42+01:00
Track proposed update for CVE-2019-14862/node-knockout via stretch-pu

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -39305,7 +39305,7 @@ CVE-2019-14863 (There is a vulnerability in all angular 
versions before 1.5.0-be
        NOTE: 
https://github.com/angular/angular.js/commit/f33ce173c90736e349cf594df717ae3ee41e0f7a
        NOTE: https://github.com/angular/angular.js/pull/12524
 CVE-2019-14862 (There is a vulnerability in knockout before version 
3.5.0-beta, where  ...)
-       - node-knockout <unfixed> (unimportant; bug #943560)
+       - node-knockout 3.4.2-3 (unimportant; bug #943560)
        NOTE: https://github.com/knockout/knockout/issues/1244
        NOTE: https://github.com/knockout/knockout/pull/2345
        NOTE: 
https://github.com/knockout/knockout/commit/7e280b2b8a04cc19176b5171263a5c68bda98efb


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -54,3 +54,5 @@ CVE-2017-5715
        [stretch] - amd64-microcode 3.20181128.1~deb9u1
 CVE-2020-5267
        [stretch] - rails 2:4.2.7.1-1+deb9u2
+CVE-2019-14862
+       [stretch] - node-knockout 3.4.2-2+deb9u1


=====================================
data/next-point-update.txt
=====================================
@@ -61,3 +61,5 @@ CVE-2020-8597
        [buster] - lwip 2.0.3-3+deb10u1
 CVE-2020-7608
        [buster] - node-yargs-parser 11.1.1-1+deb10u1
+CVE-2019-14862
+       [buster] - node-knockout 3.4.2-2+deb10u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/83d7b33fcdc56915a92d5258b5321bd226ad8e47...952d34f186ae3914596ae57a460bd5b111c31478

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/83d7b33fcdc56915a92d5258b5321bd226ad8e47...952d34f186ae3914596ae57a460bd5b111c31478
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to