[Git][security-tracker-team/security-tracker][master] updates reported by ebourg: thanks!

Tue, 23 Jun 2020 05:45:25 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
61cc5fbe by Moritz Muehlenhoff at 2020-06-23T14:44:22+02:00
updates reported by ebourg: thanks!
- one libhibernate-validator-java issue n/a
- fix source package name for a different Hibernate issue, also n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12131,7 +12131,10 @@ CVE-2020-10695
 CVE-2020-10694
        RESERVED
 CVE-2020-10693 (A flaw was found in Hibernate Validator version 6.1.2.Final. A 
bug in  ...)
-       - libhibernate-validator-java <undetermined>
+       - libhibernate-validator-java <unfixed>
+       [buster] - libhibernate-validator-java <not-affected> (EL support added 
in 5.x)
+       [stretch] - libhibernate-validator-java <not-affected> (EL support 
added in 5.x)
+       [jessie] - libhibernate-validator-java <not-affected> (EL support added 
in 5.x)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1805501
 CVE-2020-10692
        RESERVED
@@ -51386,9 +51389,11 @@ CVE-2019-14901 (A heap overflow flaw was found in the 
Linux kernel, all versions
        NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/2
 CVE-2019-14900
        RESERVED
-       - libhibernate-validator-java <undetermined>
+       - libhibernate3-java <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1666499
-       TODO: check with Red Hat, unspecific information apart the it affecting 
4.3 to 5.4 inclusive
+       NOTE: 
https://github.com/hibernate/hibernate-orm/commit/b658e903d71e34a5be5690a33e6faa21b1db628b
+       NOTE: 
https://github.com/hibernate/hibernate-orm/commit/7dfb0fdf24fb4a1f757be14ce5806b5a81f20ab8
+       NOTE: 
https://github.com/hibernate/hibernate-orm/commit/50a5da07c1e6cb1da630b01c67bce9f7fe49dd8e
 CVE-2019-14899 (A vulnerability was discovered in Linux, FreeBSD, OpenBSD, 
MacOS, iOS, ...)
        NOTE: https://www.openwall.com/lists/oss-security/2019/12/05/1
 CVE-2019-14898 (The fix for CVE-2019-11599, affecting the Linux kernel before 
5.0.10 w ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61cc5fbe03f68e8328a0003417489adc294589f3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61cc5fbe03f68e8328a0003417489adc294589f3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to