Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6e87b367 by Salvatore Bonaccorso at 2023-05-23T08:09:20+02:00
Track fixed version for older nghttp2 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -469259,9 +469259,9 @@ CVE-2015-4335 (Redis before 2.8.21 and 3.x before
3.0.2 allows remote attackers
NOTE: Patch:
https://github.com/antirez/redis/commit/fdf9d455098f54f7666c702ae464e6ea21e25411
NOTE: https://www.openwall.com/lists/oss-security/2015/06/05/3
CVE-2015-XXXX [Null pointer access in inflatehd tool]
- - nghttp2 <unfixed> (unimportant)
+ - nghttp2 1.3.0-0.2 (unimportant)
NOTE: Upstream report: https://github.com/tatsuhiro-t/nghttp2/issues/235
- NOTE: Git commit:
https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
+ NOTE: Git commit:
https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
(v0.7.15)
NOTE: CVE Request:
https://www.openwall.com/lists/oss-security/2015/06/03/20
NOTE: inflatehd not installed into the Debian binary packages
CVE-2015-5523 (The ParseValue function in lexer.c in tidy before 4.9.31 allows
remote ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e87b36752f1e2e33a14108e58d86579c2205de6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e87b36752f1e2e33a14108e58d86579c2205de6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
