runc: possibly not fixed

Sylvain Beucler (@beuc) Mon, 20 Feb 2023 08:27:31 -0800


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
db67e466 by Sylvain Beucler at 2023-02-20T17:27:32+01:00
CVE-2019-19921/runc: possibly not fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -235207,6 +235207,7 @@ CVE-2019-19921 (runc through 1.0.0-rc9 has Incorrect 
Access Control leading to E
        NOTE: https://github.com/opencontainers/runc/issues/2197
        NOTE: https://github.com/opencontainers/runc/pull/2190
        NOTE: 
https://github.com/opencontainers/runc/commit/3291d66b98445bd7f7d02eac7f2bca2ac2c56942
 (v1.0.0-rc10)
+       NOTE: possibly partial fix only: 
https://github.com/opencontainers/runc/issues/2197#issuecomment-1437276049
 CVE-2019-19919 (Versions of handlebars prior to 4.3.0 are vulnerable to 
Prototype Poll ...)
        - node-handlebars 3:4.5.3-1
        [buster] - node-handlebars 3:4.1.0-1+deb10u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db67e4665aa975859c5fc900fae2ea9c519a972a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db67e4665aa975859c5fc900fae2ea9c519a972a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] CVE-2019-19921/runc: possibly not fixed

Reply via email to