Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b00c4135 by Moritz Muehlenhoff at 2020-03-31T22:27:39+02:00
new csync2 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -38125,7 +38125,10 @@ CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file
upload, as demonstrated by a
CVE-2019-15523
RESERVED
CVE-2019-15522 (An issue was discovered in LINBIT csync2 through 2.0.
csync_daemon_ses ...)
- TODO: check
+ - csync2 <unfixed>
+ [buster] - csync2 <no-dsa> (Minor issue)
+ [stretch] - csync2 <no-dsa> (Minor issue)
+ NOTE:
https://github.com/LINBIT/csync2/pull/13/commits/0ecfc333da51575f188dd7cf6ac4974d13a800b1
CVE-2019-15521 (Spoon Library through 2014-02-06, as used in Fork CMS before
1.4.1 and ...)
NOT-FOR-US: Spoon Library
CVE-2019-15520 (comelz Quark before 2019-03-26 allows directory traversal to
locations ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b00c4135f0e9c7dca72199e902f9bfd6df416945
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b00c4135f0e9c7dca72199e902f9bfd6df416945
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
