[Git][security-tracker-team/security-tracker][master] 3 commits: Mark jessie as not affected by CVE-2019-3870 (samba)

Mon, 08 Apr 2019 02:13:48 -0700 


Sebastien Delafond pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
54de2672 by Sébastien Delafond at 2019-04-08T09:08:22Z
Mark jessie as not affected by CVE-2019-3870 (samba)

- - - - -
cd4c5e23 by Sébastien Delafond at 2019-04-08T09:09:21Z
Mark CVE-2019-3824 (samba) as fixed by 2:4.9.5+dfsg-1

- - - - -
6bb0dd85 by Sébastien Delafond at 2019-04-08T09:12:22Z
Mark CVE-2019-3870 and CVE-2019-3880 (samba) as fixed by 2:4.9.5+dfsg-3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17199,7 +17199,7 @@ CVE-2019-3881
        RESERVED
 CVE-2019-3880 [Save registry file outside share as unprivileged user]
        {DSA-4427-1}
-       - samba <unfixed>
+       - samba 2:4.9.5+dfsg-3
        NOTE: https://www.samba.org/samba/security/CVE-2019-3880.html
 CVE-2019-3879 (It was discovered that in the ovirt's REST API before version 
4.3.2.1, ...)
        NOT-FOR-US: ovirt-engine
@@ -17233,8 +17233,9 @@ CVE-2019-3871 (A vulnerability was found in PowerDNS 
Authoritative Server before
        NOTE: 
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
        NOTE: Patches: https://downloads.powerdns.com/patches/2019-03/
 CVE-2019-3870 [During the provision of a new Active Directory DC, some files 
in the ...]
-       - samba <unfixed>
+       - samba 2:4.9.5+dfsg-3
        [stretch] - samba <not-affected> (Vulnerable code not present)
+       [jessie] - samba <not-affected> (Vulnerable code not present)
        NOTE: https://www.samba.org/samba/security/CVE-2019-3870.html
 CVE-2019-3869 (When running Tower before 3.4.3 on OpenShift or Kubernetes, 
applicatio ...)
        NOT-FOR-US: Ansible Tower
@@ -17417,7 +17418,7 @@ CVE-2019-3825 (A vulnerability was discovered in gdm 
before 3.31.4. When timed l
 CVE-2019-3824 (A flaw was found in the way an LDAP search expression could 
crash the  ...)
        {DSA-4397-1 DLA-1699-1}
        - ldb 2:1.5.1+really1.4.3-2
-       - samba <unfixed> (unimportant)
+       - samba 2:4.9.5+dfsg-1 (unimportant)
        NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13773
        NOTE: Samba uses the System ldb library
 CVE-2019-3823 (libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to 
a heap ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/11c067424206aaed50d61af7c3d652cfdba33fed...6bb0dd8535efbdc7911de6c80e8a29bf31d5d0fb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/11c067424206aaed50d61af7c3d652cfdba33fed...6bb0dd8535efbdc7911de6c80e8a29bf31d5d0fb
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to