[Git][security-tracker-team/security-tracker][master] LTS: update triage of CVE-2019-8457/db5.3 so bullseye matches most recent analysis

Wed, 11 Sep 2024 11:01:09 -0700 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
aa8f0d38 by Roberto C. Sánchez at 2024-09-11T14:00:44-04:00
LTS: update triage of CVE-2019-8457/db5.3 so bullseye matches most recent 
analysis

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -403107,7 +403107,7 @@ CVE-2019-8458 (Check Point Endpoint Security Client 
for Windows, with Anti-Malwa
        NOT-FOR-US: Check Point Endpoint Security Client for Windows
 CVE-2019-8457 (SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to 
heap out-o ...)
        - db5.3 5.3.28+dfsg1-0.9 (bug #1010974)
-       [bullseye] - db5.3 <no-dsa> (Minor issue)
+       [bullseye] - db5.3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
        [buster] - db5.3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
        [stretch] - db5.3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
        - sqlite3 3.27.2-3 (bug #929775)
@@ -403119,6 +403119,7 @@ CVE-2019-8457 (SQLite3 from 3.6.0 to and including 
3.27.2 is vulnerable to heap
        NOTE: https://sqlite.org/src/info/87f261f0cb800b06
        NOTE: Affected function is not used in Debian and meant for debugging 
purposes,
        NOTE: backporting the fix would be very complex.
+       NOTE: https://lists.debian.org/debian-lts/2023/06/msg00012.html
        NOTE: https://lists.debian.org/debian-lts/2019/06/msg00013.html
        NOTE: https://lists.debian.org/debian-lts/2019/06/msg00036.html
 CVE-2019-8456 (Check Point IKEv2 IPsec VPN up to R80.30, in some less common 
conditio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa8f0d38b504f2b821af6c161ac28f9882eeab11

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa8f0d38b504f2b821af6c161ac28f9882eeab11
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to