Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d697a8e4 by Abhijith PA at 2020-10-22T17:22:05+05:30
mark CVE-2019-1010091 as ignored and change CVE-2020-12648 to ignore as well
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33079,7 +33079,7 @@ CVE-2020-12649 (Gurbalib through 2020-04-30 allows
lib/cmds/player/help.c direct
CVE-2020-12648 (A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1
and earlie ...)
- tinymce <unfixed> (bug #972642)
[buster] - tinymce <no-dsa> (Minor issue)
- [stretch] - tinymce <not-affected> (Vulnerable code not present and not
reproducible)
+ [stretch] - tinymce <ignored> (Vulnerable code not present and not
reproducible)
NOTE: https://labs.bishopfox.com/advisories/tinymce-version-5.2.1
CVE-2020-12647 (Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before
59.1a.9, and 6 ...)
NOT-FOR-US: Unisys ALGOL Compiler
@@ -96200,6 +96200,7 @@ CVE-2019-1010091 (tinymce 4.7.11, 4.7.12 is affected
by: CWE-79: Improper Neutra
- tinymce <unfixed> (bug #970256)
[buster] - tinymce <no-dsa> (Minor issue)
[jessie] - tinymce <ignored> (Minor issue, requires manually
copy/pasting javascript to execute it, can't reproduce on Jessie)
+ [stretch] - tinymce <ignored> (Minor issue, can't reproduce)
NOTE: https://github.com/tinymce/tinymce/issues/4394
CVE-2019-1010090
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d697a8e46b5a00a5f014b8f8922f343087cf9632
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d697a8e46b5a00a5f014b8f8922f343087cf9632
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
