[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff (@jmm) Tue, 11 May 2021 12:05:34 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
956b4a85 by Moritz Muehlenhoff at 2021-05-11T21:04:32+02:00
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67035,13 +67035,12 @@ CVE-2020-15946
        RESERVED
 CVE-2020-15945 (Lua through 5.4.0 has a segmentation fault in changedline in 
ldebug.c  ...)
        - lua5.4 5.4.1-1
-       - lua5.3 <undetermined>
-       - lua5.2 <undetermined>
-       - lua5.1 <undetermined>
-       - lua50 <undetermined>
+       - lua5.3 <not-affected> (Specific to 5.4)
+       - lua5.2 <not-affected> (Specific to 5.4)
+       - lua5.1 <not-affected> (Specific to 5.4)
+       - lua50 <not-affected> (Specific to 5.4)
        NOTE: 
https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3 
(v5.4.1)
        NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00123.html
-       NOTE: check 5.3, 5.2, 5.1 and 5.0 lua versions, different code but 
might be affected in similar way on updating oldpc value
 CVE-2020-15944 (An issue was discovered in the Gantt-Chart module before 5.5.5 
for Jir ...)
        NOT-FOR-US: Gantt-Chart module for Jira
 CVE-2020-15943 (An issue was discovered in the Gantt-Chart module before 5.5.4 
for Jir ...)
@@ -148493,6 +148492,7 @@ CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the 
admin.php?mod=product&amp;ac
        NOT-FOR-US: PHPSHE
 CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. 
For examp ...)
        - lua5.3 <unfixed> (bug #920321)
+       [bullseye] - lua5.3 <postponed> (Minor issue, revisit when fixed 
upstream)
        [buster] - lua5.3 <postponed> (Minor issue, revisit when fixed upstream)
        [stretch] - lua5.3 <postponed> (Minor issue, revisit when fixed 
upstream)
        - lua5.2 <not-affected> (Vulnerable code introduced later)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956b4a85d812864f199bbe72c242f85a302fabac

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956b4a85d812864f199bbe72c242f85a302fabac
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bullseye triage

Reply via email to