[Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2019-8842/cups

Sat, 25 Apr 2020 07:55:43 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
01bede8d by Salvatore Bonaccorso at 2020-04-25T16:53:10+02:00
Add CVE-2019-8842/cups

- - - - -
eed057c1 by Salvatore Bonaccorso at 2020-04-25T16:53:41+02:00
Track fixed version for CVE-2020-3898/cups via unstable

- - - - -
be31e53a by Salvatore Bonaccorso at 2020-04-25T16:55:03+02:00
Track fixed via proposed updates for cups via buster-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -21427,7 +21427,7 @@ CVE-2020-3899 (A memory consumption issue was addressed 
with improved memory han
        NOT-FOR-US: Apple
 CVE-2020-3898 [heap based buffer overflow in libcups's ppdFindOption() in 
ppd-mark.c]
        RESERVED
-       - cups <unfixed>
+       - cups 2.3.1-12
        [buster] - cups <no-dsa> (Minor issue)
        [stretch] - cups <no-dsa> (Minor issue)
        [jessie] - cups <no-dsa> (Minor issue)
@@ -63452,8 +63452,12 @@ CVE-2019-8844
        NOTE: https://webkitgtk.org/security/WSA-2020-0001.html
 CVE-2019-8843
        RESERVED
-CVE-2019-8842
+CVE-2019-8842 [he `ippReadIO` function may under-read an extension field]
        RESERVED
+       - cups 2.3.1-12
+       [buster] - cups <no-dsa> (Minor issue)
+       [stretch] - cups <no-dsa> (Minor issue)
+       TODO: add commit once pushed to the https://github.com/apple/cups repo
 CVE-2019-8841
        RESERVED
 CVE-2019-8840


=====================================
data/next-point-update.txt
=====================================
@@ -91,3 +91,7 @@ CVE-2019-14559
        [buster] - edk2 0~20181115.85588389-3+deb10u1
 CVE-2019-14575
        [buster] - edk2 0~20181115.85588389-3+deb10u1
+CVE-2020-3898
+       [buster] - cups 2.2.10-6+deb10u3
+CVE-2019-8842
+       [buster] - cups 2.2.10-6+deb10u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9582a14a610d32a0e42c1090f80823dc8240af8b...be31e53ac093cad3065373c05418c11a05ac8720

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9582a14a610d32a0e42c1090f80823dc8240af8b...be31e53ac093cad3065373c05418c11a05ac8720
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to