[Git][security-tracker-team/security-tracker][master] caddy entered the archive, mark as unfixed for pending review status

Mon, 19 Dec 2022 22:50:55 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5c1c68b8 by Salvatore Bonaccorso at 2022-12-20T07:50:17+01:00
caddy entered the archive, mark as unfixed for pending review status

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53451,7 +53451,7 @@ CVE-2022-29720 (74cmsSE v3.5.1 was discovered to 
contain an arbitrary file read
 CVE-2022-29719
        RESERVED
 CVE-2022-29718 (Caddy v2.4 was discovered to contain an open redirect 
vulnerability. A ...)
-       - caddy <itp> (bug #810890)
+       - caddy <unfixed>
 CVE-2022-29717
        RESERVED
 CVE-2022-29716
@@ -193252,7 +193252,7 @@ CVE-2019-20838 (libpcre in PCRE before 8.43 allows a 
subject buffer over-read in
        NOTE: Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1740 
(8.43)
        NOTE: Only an issue when UTF support disabled
 CVE-2018-21246 (Caddy before 0.10.13 mishandles TLS client authentication, as 
demonstr ...)
-       - caddy <itp> (bug #810890)
+       - caddy <unfixed>
 CVE-2018-21245 (Pound before 2.8 allows HTTP request smuggling, a related 
issue to CVE ...)
        - pound 2.8-2
        [stretch] - pound 2.7-1.3+deb9u1
@@ -289499,7 +289499,7 @@ CVE-2018-19149 (Poppler before 0.70.0 has a NULL 
pointer dereference in _poppler
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649457#c3
        NOTE: 
https://github.com/freedesktop/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
 (poppler-0.70.0)
 CVE-2018-19148 (Caddy through 0.11.0 sends incorrect certificates for certain 
invalid  ...)
-       - caddy <itp> (bug #810890)
+       - caddy <unfixed>
 CVE-2018-19147
        RESERVED
 CVE-2018-19146 (Concrete5 8.4.3 has XSS because config/concrete.php allows 
uploads (by ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c1c68b8b6736ac2b75d174a6ceeb0c53e84e4f3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c1c68b8b6736ac2b75d174a6ceeb0c53e84e4f3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to