[Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2019-2391 and CVE-2020-7610 via unstable

Sat, 25 Apr 2020 13:48:43 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d7a8f55d by Salvatore Bonaccorso at 2020-04-25T22:47:11+02:00
Update fixed version for CVE-2019-2391 and CVE-2020-7610 via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11999,7 +11999,7 @@ CVE-2020-7611 (All versions of 
io.micronaut:micronaut-http-client before 1.2.11
        NOT-FOR-US: io.micronaut:micronaut-http-client
 CVE-2020-7610 (All versions of bson before 1.1.4 are vulnerable to 
Deserialization of ...)
        [experimental] - node-mongodb 3.5.5+~cs11.12.19-1
-       - node-mongodb <unfixed>
+       - node-mongodb 3.5.6+~cs11.12.19-1
        NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
        NOTE: https://snyk.io/vuln/SNYK-JS-BSON-561052
        NOTE: 
https://github.com/mongodb/js-bson/commit/3809c1313a7b2a8001065f0271199df9fa3d16a8
@@ -81130,7 +81130,7 @@ CVE-2019-2392
        RESERVED
 CVE-2019-2391 (Incorrect parsing of certain JSON input may result in js-bson 
not corr ...)
        [experimental] - node-mongodb 3.5.5+~cs11.12.19-1
-       - node-mongodb <unfixed>
+       - node-mongodb 3.5.6+~cs11.12.19-1
        NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
 CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can 
create  ...)
        NOT-FOR-US: Microsoft



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7a8f55d8f62d4778aa794a5e49f06d1d1890a31

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7a8f55d8f62d4778aa794a5e49f06d1d1890a31
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to