[Git][security-tracker-team/security-tracker][master] Reserve DLA-1920-1 for golang-go.crypto

2019-09-12 Thread Brian May


Brian May pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a996d3c8 by Brian May at 2019-09-13T05:58:14Z
Reserve DLA-1920-1 for golang-go.crypto

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[13 Sep 2019] DLA-1920-1 golang-go.crypto - security update
+   {CVE-2019-11841}
+   [jessie] - golang-go.crypto 0.0~hg190-1+deb8u2
 [12 Sep 2019] DLA-1919-1 linux-4.9 - security update
{CVE-2019-0136 CVE-2019-9506 CVE-2019-11487 CVE-2019-15211 
CVE-2019-15212 CVE-2019-15215 CVE-2019-15216 CVE-2019-15218 CVE-2019-15219 
CVE-2019-15220 CVE-2019-15221 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 
CVE-2019-15807 CVE-2019-15924 CVE-2019-15926}
[jessie] - linux-4.9 4.9.189-3~deb8u1


=
data/dla-needed.txt
=
@@ -35,11 +35,6 @@ freeimage
   NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html
   NOTE: 20190707: maintainer is waiting for upstream 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929597
 --
-golang-go.crypto (Brian May)
-  NOTE: 20190707: Check that an upload of this will not require reverse 
build-deps to also be recompiled (see previous golang uploads?). (lamby)
-  NOTE: Looks this this patch should be applied also to prevent infinite loop 
(bam):
-  NOTE: 
https://go.googlesource.com/crypto/+/1bae088edb428672a48c02abd9ef6d889afe0af6%5E!/
---
 hdf5
   NOTE: 20190825: Upstream is aware of currently open issues. Progress is slow,
   NOTE: wait for the next HDF5 point release and either do full package upgrade
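Review bot: the golang-go.crypto block removed in this hunk carried a NOTE that the upstream change 1bae088edb428672a48c02abd9ef6d889afe0af6 should also be applied to prevent an infinite loop, while the new DLA-1920-1 entry in data/DLA/list names only CVE-2019-11841. Once the block is gone, nothing in this commit records whether 0.0~hg190-1+deb8u2 includes that extra patch. Suggest stating it in the commit message or in a NOTE on the CVE-2019-11841 entry before dropping the entry here. The other removed NOTE, about reverse build-deps possibly needing a rebuild, also disappears without a recorded outcome.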



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a996d3c8d548a86d1b9cb4c051c3de0279421daa

-- 
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cfd82528 by Salvatore Bonaccorso at 2019-09-12T21:15:20Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -6390,9 +6390,9 @@ CVE-2019-14239
 CVE-2019-14238
RESERVED
 CVE-2019-14237 (On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, 
Flash Acce ...)
-   TODO: check
+   NOT-FOR-US: NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices
 CVE-2019-14236 (On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, 
STM32F7, and ...)
-   TODO: check
+   NOT-FOR-US: STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, 
STM32F7, and STM32H7 devices
 CVE-2019-14235 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x 
before  ...)
{DSA-4498-1}
- python-django 2:2.2.4-1 (bug #934026)
@@ -8969,7 +8969,7 @@ CVE-2019-13546
 CVE-2019-13545
RESERVED
 CVE-2019-13544 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
out-of-b ...)
-   TODO: check
+   NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13543
RESERVED
 CVE-2019-13542
@@ -8977,7 +8977,7 @@ CVE-2019-13542
 CVE-2019-13541
RESERVED
 CVE-2019-13540 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
stack-ba ...)
-   TODO: check
+   NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13539
RESERVED
 CVE-2019-13538
@@ -8985,11 +8985,11 @@ CVE-2019-13538
 CVE-2019-13537
RESERVED
 CVE-2019-13536 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
heap-bas ...)
-   TODO: check
+   NOT-FOR-US: Delta Electronics TPEditor
 CVE-2019-13535
RESERVED
 CVE-2019-13534 (Philips IntelliVue WLAN, portable patient monitors, WLAN 
Version A, Fi ...)
-   TODO: check
+   NOT-FOR-US: Philips
 CVE-2019-13533
RESERVED
 CVE-2019-13532
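Review bot: style point on the CVE-2019-13534 line: "NOT-FOR-US: Philips" names only the vendor, while other entries touched in this commit name the product ("NOT-FOR-US: Delta Electronics TPEditor", "NOT-FOR-US: Smanos W100 1.0.0 devices"). Suggest "NOT-FOR-US: Philips IntelliVue WLAN" here and for CVE-2019-13530 in the next hunk, so a later search of the list for the product finds both entries. The same applies to "NOT-FOR-US: TELESTAR" on CVE-2019-13473.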
@@ -8997,7 +8997,7 @@ CVE-2019-13532
 CVE-2019-13531
RESERVED
 CVE-2019-13530 (Philips IntelliVue WLAN, portable patient monitors, WLAN 
Version A, Fi ...)
-   TODO: check
+   NOT-FOR-US: Philips
 CVE-2019-13529
RESERVED
 CVE-2019-13528
@@ -9132,7 +9132,7 @@ CVE-2019-13475 (In MobaXterm 11.1, the mobaxterm: URI 
handler has an argument in
 CVE-2019-13474
RESERVED
 CVE-2019-13473 (TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, 
Imperial i110 ...)
-   TODO: check
+   NOT-FOR-US: TELESTAR
 CVE-2019-13472 (PHPWind 9.1.0 has XSS vulnerabilities in the c and m 
parameters of the ...)
NOT-FOR-US: PHPWind
 CVE-2019-13471
@@ -9409,7 +9409,7 @@ CVE-2019-13363
 CVE-2019-13362 (Codedoc v3.2 has a stack-based buffer overflow in add_variable 
in code ...)
NOT-FOR-US: Codedoc
 CVE-2019-13361 (Smanos W100 1.0.0 devices have Insecure Permissions, 
exploitable by an ...)
-   TODO: check
+   NOT-FOR-US: Smanos W100 1.0.0 devices
 CVE-2019-13360 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, 
remote at ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-13359 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a 
cwpsrv- ...)
@@ -9438,9 +9438,9 @@ CVE-2019-13351 (posix/JackSocket.cpp in libjack in JACK2 
1.9.1 through 1.9.12 (a
 CVE-2019-13350
RESERVED
 CVE-2019-13349 (In Knowage through 6.1.1, an authenticated user that accesses 
the user ...)
-   TODO: check
+   NOT-FOR-US: Knowage
 CVE-2019-13348 (In Knowage through 6.1.1, an authenticated user who accesses 
the datas ...)
-   TODO: check
+   NOT-FOR-US: Knowage
 CVE-2019-13347
RESERVED
 CVE-2019-13346 (In MyT 1.5.1, the User[username] parameter has XSS. ...)
@@ -9889,11 +9889,11 @@ CVE-2019-13192
 CVE-2019-13191 (A SQL injection vulnerability in IntraMaps MapControl 8 allows 
attacke ...)
TODO: check
 CVE-2019-13190 (In Knowage through 6.1.1, the sign up page does not invalidate 
a valid ...)
-   TODO: check
+   NOT-FOR-US: Knowage
 CVE-2019-13189 (In Knowage through 6.1.1, there is XSS via the start_url or 
user_id fi ...)
-   TODO: check
+   NOT-FOR-US: Knowage
 CVE-2019-13188 (In Knowage through 6.1.1, an unauthenticated user can bypass 
access co ...)
-   TODO: check
+   NOT-FOR-US: Knowage
 CVE-2019-13187 (The Rich Text Formatter (Redactor) extension through v1.1.1 
for Sympho ...)
TODO: check
 CVE-2019-13186 (In MiniCMS V1.10, stored XSS was found in 
mc-admin/post-edit.php via t ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cfd8252801c884a90b0131aa2eb631e20bd07620


[Git][security-tracker-team/security-tracker][master] Add new issues for py-lmdb (CVE-2019-1622{4,5,6,7,8)

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
571591f7 by Salvatore Bonaccorso at 2019-09-12T20:58:52Z
Add new issues for py-lmdb (CVE-2019-1622{4,5,6,7,8)

Mark those as undetermined for now. Apparently upstream was not notified
about the issues, cf.
https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531004224 .

Wait for upstream investigation on
https://github.com/jnwatson/py-lmdb/issues/210 .

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -187,14 +187,24 @@ CVE-2019-16229 
(drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5
- linux 
NOTE: https://lkml.org/lkml/2019/9/9/487
 CVE-2019-16228 (An issue was discovered in py-lmdb 0.97. There is a 
divide-by-zero err ...)
+   - py-lmdb 
+   NOTE: https://github.com/jnwatson/py-lmdb/issues/210
TODO: check
 CVE-2019-16227 (An issue was discovered in py_lmdb 0.97. For certain values of 
mn_flag ...)
+   - py-lmdb 
+   NOTE: https://github.com/jnwatson/py-lmdb/issues/210
TODO: check
 CVE-2019-16226 (An issue was discovered in py-lmdb 0.97. mdb_node_del does not 
validat ...)
+   - py-lmdb 
+   NOTE: https://github.com/jnwatson/py-lmdb/issues/210
TODO: check
 CVE-2019-16225 (An issue was discovered in py-lmdb 0.97. For certain values of 
mp_flag ...)
+   - py-lmdb 
+   NOTE: https://github.com/jnwatson/py-lmdb/issues/210
TODO: check
 CVE-2019-16224 (An issue was discovered in py-lmdb 0.97. For certain values of 
md_flag ...)
+   - py-lmdb 
+   NOTE: https://github.com/jnwatson/py-lmdb/issues/210
TODO: check
 CVE-2019-16223 (WordPress before 5.2.3 allows XSS in post previews by 
authenticated us ...)
- wordpress 5.2.3+dfsg1-1 (bug #939543)
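Review bot: documentation gap in the five added py-lmdb blocks: each gets only "NOTE: https://github.com/jnwatson/py-lmdb/issues/210", while the reason the entries are left open (upstream apparently not notified, investigation pending) is stated only in the commit message. Suggest a second NOTE per entry, or at least on CVE-2019-16228, saying that upstream investigation is pending and pointing at the issuecomment-531004224 link, so that whoever picks up the remaining "TODO: check" lines sees why the state was left as it is.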



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/571591f73828d9d149b7a29181956145ed586cb9


[Git][security-tracker-team/security-tracker][master] NFUs

2019-09-12 Thread Moritz Muehlenhoff


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
681080c0 by Moritz Muehlenhoff at 2019-09-12T20:20:00Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -25,7 +25,7 @@ CVE-2019-16263
 CVE-2019-16262
RESERVED
 CVE-2019-16261 (Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated 
POST req ...)
-   TODO: check
+   NOT-FOR-US: Tripp Lite PDUMH15AT
 CVE-2019-16260
RESERVED
 CVE-2019-16259
@@ -33,9 +33,9 @@ CVE-2019-16259
 CVE-2019-16258
RESERVED
 CVE-2019-16257 (Some Motorola devices include the SIMalliance Toolbox Browser 
(aka S@T ...)
-   TODO: check
+   NOT-FOR-US: SIMalliance Toolbox Browser
 CVE-2019-16256 (Some Samsung devices include the SIMalliance Toolbox Browser 
(aka S@T  ...)
-   TODO: check
+   NOT-FOR-US: SIMalliance Toolbox Browser
 CVE-2017-18633
RESERVED
 CVE-2017-18632
@@ -158,7 +158,7 @@ CVE-2019-16275 (hostapd before 2.10 and wpa_supplicant 
before 2.10 allow an inco
NOTE: https://www.openwall.com/lists/oss-security/2019/09/11/7
NOTE: https://w1.fi/security/2019-7/
 CVE-2019-16238 (Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be 
leveraged ...)
-   TODO: check
+   NOT-FOR-US: Afterlogic Aurora
 CVE-2019-16237 (Dino before 2019-09-10 does not properly check the source of 
an MAM me ...)
- dino-im 0.0.git20190911.2a70a4e-1
NOTE: 
https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
@@ -17337,23 +17337,23 @@ CVE-2019-10402
 CVE-2019-10401
RESERVED
 CVE-2019-10400 (A sandbox bypass vulnerability in Jenkins Script Security 
Plugin 1.62  ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10399 (A sandbox bypass vulnerability in Jenkins Script Security 
Plugin 1.62  ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10398 (Jenkins Beaker Builder Plugin 1.9 and earlier stored 
credentials unenc ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10397 (Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and 
earlier tran ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10396 (Jenkins Dashboard View Plugin 2.11 and earlier did not escape 
build de ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10395 (Jenkins Build Environment Plugin 1.6 and earlier did not 
escape variab ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10394 (A sandbox bypass vulnerability in Jenkins Script Security 
Plugin 1.62  ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10393 (A sandbox bypass vulnerability in Jenkins Script Security 
Plugin 1.62  ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10392 (Jenkins Git Client Plugin 2.8.4 and earlier did not properly 
restrict  ...)
-   TODO: check
+   NOT-FOR-US: Jenkins plugin
 CVE-2019-10391 (Jenkins IBM Application Security on Cloud Plugin 1.2.4 and 
earlier tra ...)
NOT-FOR-US: IBM
 CVE-2019-10390 (A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 
and earl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/681080c05f8f44ab970ebd0cd5bb1238369fd48c


[Git][security-tracker-team/security-tracker][master] automatic update

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4ad8074b by security tracker role at 2019-09-12T20:10:22Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,121 @@
+CVE-2019-16274
+   RESERVED
+CVE-2019-16273
+   RESERVED
+CVE-2019-16272
+   RESERVED
+CVE-2019-16271
+   RESERVED
+CVE-2019-16270
+   RESERVED
+CVE-2019-16269
+   RESERVED
+CVE-2019-16268
+   RESERVED
+CVE-2019-16267
+   RESERVED
+CVE-2019-16266
+   RESERVED
+CVE-2019-16265
+   RESERVED
+CVE-2019-16264
+   RESERVED
+CVE-2019-16263
+   RESERVED
+CVE-2019-16262
+   RESERVED
+CVE-2019-16261 (Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated 
POST req ...)
+   TODO: check
+CVE-2019-16260
+   RESERVED
+CVE-2019-16259
+   RESERVED
+CVE-2019-16258
+   RESERVED
+CVE-2019-16257 (Some Motorola devices include the SIMalliance Toolbox Browser 
(aka S@T ...)
+   TODO: check
+CVE-2019-16256 (Some Samsung devices include the SIMalliance Toolbox Browser 
(aka S@T  ...)
+   TODO: check
+CVE-2017-18633
+   RESERVED
+CVE-2017-18632
+   RESERVED
+CVE-2017-18631
+   RESERVED
+CVE-2017-18630
+   RESERVED
+CVE-2017-18629
+   RESERVED
+CVE-2017-18628
+   RESERVED
+CVE-2017-18627
+   RESERVED
+CVE-2017-18626
+   RESERVED
+CVE-2017-18625
+   RESERVED
+CVE-2017-18624
+   RESERVED
+CVE-2017-18623
+   RESERVED
+CVE-2017-18622
+   RESERVED
+CVE-2017-18621
+   RESERVED
+CVE-2017-18620
+   RESERVED
+CVE-2017-18619
+   RESERVED
+CVE-2017-18618
+   RESERVED
+CVE-2017-18617
+   RESERVED
+CVE-2017-18616
+   RESERVED
+CVE-2017-18615
+   RESERVED
+CVE-2017-18614
+   RESERVED
+CVE-2017-18613
+   RESERVED
+CVE-2017-18612
+   RESERVED
+CVE-2016-10955
+   RESERVED
+CVE-2016-10954
+   RESERVED
+CVE-2016-10953
+   RESERVED
+CVE-2016-10952
+   RESERVED
+CVE-2016-10951
+   RESERVED
+CVE-2016-10950
+   RESERVED
+CVE-2016-10949
+   RESERVED
+CVE-2016-10948
+   RESERVED
+CVE-2016-10947
+   RESERVED
+CVE-2016-10946
+   RESERVED
+CVE-2016-10945
+   RESERVED
+CVE-2016-10944
+   RESERVED
+CVE-2016-10943
+   RESERVED
+CVE-2016-10942
+   RESERVED
+CVE-2016-10941
+   RESERVED
+CVE-2016-10940
+   RESERVED
+CVE-2016-10939
+   RESERVED
+CVE-2016-10938
+   RESERVED
 CVE-2019-16255
RESERVED
 CVE-2019-16254
@@ -35,12 +153,12 @@ CVE-2019-16239
 CVE-2019- [signature bypass with multiple From addresses]
- opendmarc  (bug #940081)
NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/48
-CVE-2019-16275 [2019-7: AP mode PMF disconnection protection bypass]
+CVE-2019-16275 (hostapd before 2.10 and wpa_supplicant before 2.10 allow an 
incorrect  ...)
- wpa  (bug #940080)
NOTE: https://www.openwall.com/lists/oss-security/2019/09/11/7
NOTE: https://w1.fi/security/2019-7/
-CVE-2019-16238
-   RESERVED
+CVE-2019-16238 (Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be 
leveraged ...)
+   TODO: check
 CVE-2019-16237 (Dino before 2019-09-10 does not properly check the source of 
an MAM me ...)
- dino-im 0.0.git20190911.2a70a4e-1
NOTE: 
https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
@@ -245,6 +363,7 @@ CVE-2019-16165 (GNU cflow through 1.6 has a use-after-free 
in the reference func
 CVE-2019-16164 (MyHTML through 4.0.5 has a NULL pointer dereference in 
myhtml_tree_nod ...)
NOT-FOR-US: MyHTML
 CVE-2019-16163 (Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c 
because of ...)
+   {DLA-1918-1}
- libonig  (low; bug #939988)
[buster] - libonig  (Minor issue)
[stretch] - libonig  (Minor issue)
@@ -774,6 +893,7 @@ CVE-2019-15927 (An issue was discovered in the Linux kernel 
before 4.20.2. An ou
[jessie] - linux 3.16.68-1
NOTE: 
https://git.kernel.org/linus/f4351a199cc120ff9d59e06d02e8657d08e6cc46
 CVE-2019-15926 (An issue was discovered in the Linux kernel before 5.2.3. Out 
of bound ...)
+   {DLA-1919-1}
- linux 5.2.6-1
[buster] - linux 4.19.67-1
[stretch] - linux 4.9.189-1
@@ -799,6 +919,7 @@ CVE-2017-18595 (An issue was discovered in the Linux kernel 
before 4.14.11. A do
[jessie] - linux 3.16.56-1
NOTE: 
https://git.kernel.org/linus/4397f04575c44e1440ec2e49b6302785c95fd2f8
 CVE-2019-15924 (An issue was discovered in the Linux kernel before 5.0.11. 
fm10k_init_ ...)
+   {DLA-1919-1}
- linux 5.2.6-1
[buster] - linux 4.19.67-1
[stretch] - linux 4.9.184-1
@@ -1128,6 +1249,7 @@ CVE-2019-15790
 CVE-2019-15789
RESERVED
 CVE-2019-15807 (In the Linux kernel before 5.1.13, there is a memory leak in 
drivers/s ...)
+   {DLA-1919-1}
- 

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-1623{5,6,7}/dino-im tracking

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
efa5bf7b by Salvatore Bonaccorso at 2019-09-12T19:24:05Z
Add CVE-2019-1623{5,6,7}/dino-im tracking

Furthermore all three CVEs were addressed in the most recent unstable
upload already and thus mark it as fixed with the respective version
which entered unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -42,11 +42,14 @@ CVE-2019-16275 [2019-7: AP mode PMF disconnection 
protection bypass]
 CVE-2019-16238
RESERVED
 CVE-2019-16237 (Dino before 2019-09-10 does not properly check the source of 
an MAM me ...)
-   TODO: check
+   - dino-im 0.0.git20190911.2a70a4e-1
+   NOTE: 
https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
 CVE-2019-16236 (Dino before 2019-09-10 does not check roster push 
authorization in mod ...)
-   TODO: check
+   - dino-im 0.0.git20190911.2a70a4e-1
+   NOTE: 
https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9
 CVE-2019-16235 (Dino before 2019-09-10 does not properly check the source of a 
carbons ...)
-   TODO: check
+   - dino-im 0.0.git20190911.2a70a4e-1
+   NOTE: 
https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930
 CVE-2019-16234 (drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux 
kernel 5. ...)
- linux 
NOTE: https://lkml.org/lkml/2019/9/9/487



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/efa5bf7b0878a2147bfa59f5267f0cf5b9076aa7


[Git][security-tracker-team/security-tracker][master] CVE-2019-16275/wpa assigned for 2019-7 advisory issue

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2279fee9 by Salvatore Bonaccorso at 2019-09-12T19:11:26Z
CVE-2019-16275/wpa assigned for 2019-7 advisory issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -35,7 +35,7 @@ CVE-2019-16239
 CVE-2019- [signature bypass with multiple From addresses]
- opendmarc  (bug #940081)
NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/48
-CVE-2019- [2019-7: AP mode PMF disconnection protection bypass]
+CVE-2019-16275 [2019-7: AP mode PMF disconnection protection bypass]
- wpa  (bug #940080)
NOTE: https://www.openwall.com/lists/oss-security/2019/09/11/7
NOTE: https://w1.fi/security/2019-7/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2279fee98e89e69b569b91528143525fc32362c0


[Git][security-tracker-team/security-tracker][master] Process NFUs

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb261482 by Salvatore Bonaccorso at 2019-09-12T17:41:23Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -9,13 +9,13 @@ CVE-2019-16252
 CVE-2019-16251
RESERVED
 CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 
1.5.8 for ...)
-   TODO: check
+   NOT-FOR-US: Ocean Extra plugin for WordPress
 CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load 
in core ...)
TODO: check
 CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android 
does not d ...)
TODO: check
 CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at 
CommLib!CCommL ...)
-   TODO: check
+   NOT-FOR-US: Delta DCISoft
 CVE-2019-16246
RESERVED
 CVE-2019-16245
@@ -141,7 +141,7 @@ CVE-2019-16195
 CVE-2019-16194
RESERVED
 CVE-2019-16193 (In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be 
used to t ...)
-   TODO: check
+   NOT-FOR-US: ArcGIS Enterprise
 CVE-2019-16192 (upload_model() in /admini/controllers/system/managemodel.php 
in DocCms ...)
NOT-FOR-US: DocCMS
 CVE-2019-16191
@@ -399,7 +399,7 @@ CVE-2019-16100 (Silver Peak EdgeConnect SD-WAN before 
8.1.7.x allows remote atta
 CVE-2019-16099 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via 
JSON dat ...)
NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
 CVE-2019-16098 (The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka 
RTCore64.sys ...)
-   TODO: check
+   NOT-FOR-US: Micro-Star MSI Afterburner
 CVE-2019-16097 (core/api/user.go in Harbor 1.7.0 through 1.8.2 allows 
non-admin users  ...)
NOT-FOR-US: Harbor
 CVE-2016-10937 (IMAPFilter through 2.6.12 does not validate the hostname in an 
SSL cer ...)
@@ -3541,13 +3541,13 @@ CVE-2019-15000
 CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin 
Manager befo ...)
NOT-FOR-US: Atlassian
 CVE-2019-14998 (The Webwork action Cross-Site Request Forgery (CSRF) 
protection implem ...)
-   TODO: check
+   NOT-FOR-US: Atlassian Jira
 CVE-2019-14997 (The AccessLogFilter class in Jira before version 8.4.0 allows 
remote a ...)
-   TODO: check
+   NOT-FOR-US: Atlassian Jira
 CVE-2019-14996 (The FilterPickerPopup.jspa resource in Jira before version 
7.13.7, and ...)
-   TODO: check
+   NOT-FOR-US: Atlassian Jira
 CVE-2019-14995 (The /rest/api/1.0/render resource in Jira before version 8.4.0 
allows  ...)
-   TODO: check
+   NOT-FOR-US: Atlassian Jira
 CVE-2019-14994
RESERVED
 CVE-2019-14993 (Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular 
expressi ...)
@@ -3693,7 +3693,7 @@ CVE-2019-14938
 CVE-2019-14937 (REDCap before 9.3.0 allows time-based SQL injection in the 
edit calend ...)
NOT-FOR-US: REDCap
 CVE-2019-14936 (Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive 
Informat ...)
-   TODO: check
+   NOT-FOR-US: Easy!Appointments plugin for WordPress
 CVE-2019-14935 (3CX Phone 15 on Windows has insecure permissions on the 
"%PROGRAMDATA% ...)
NOT-FOR-US: 3CX Phone 15 on Windows
 CVE-2019-14934 (An issue was discovered in PDFResurrect before 0.18. 
pdf_load_pages_ki ...)
@@ -4332,9 +4332,9 @@ CVE-2019-14727 (In CentOS-WebPanel.com (aka CWP) CentOS 
Web Panel 0.9.8.851, an
 CVE-2019-14726 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14725 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
-   TODO: check
+   NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14724 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
-   TODO: check
+   NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14723 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14722 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
@@ -20870,7 +20870,7 @@ CVE-2019-9490 (A vulnerability in Trend Micro InterScan 
Web Security Virtual App
 CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, 
OfficeSca ...)
NOT-FOR-US: Trend Micro
 CVE-2019-9488 (Trend Micro Deep Security Manager (10.x, 11.x) and 
Vulnerability Prote ...)
-   TODO: check
+   NOT-FOR-US: Trend Micro
 CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the 
basis of fa ...)
NOT-FOR-US: pfSense
 CVE-2018-20798 (The expiretable configuration in pfSense 2.4.4_1 establishes 
block dur ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb261482d3cab5009b6f9a1708df38e64436ddc0


[Git][security-tracker-team/security-tracker][master] CVE-2019-15717/irssi fixed in unstable

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1f3cd1ef by Salvatore Bonaccorso at 2019-09-12T17:21:10Z
CVE-2019-15717/irssi fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1350,7 +1350,7 @@ CVE-2019-15718 (In systemd 240, 
bus_open_system_watch_bind_with_description in s
NOTE: https://github.com/systemd/systemd/pull/13457
NOTE: 
https://github.com/systemd/systemd/commit/35e528018f315798d3bffcb592b32a0d8f5162bd
 CVE-2019-15717 (Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC 
server sends  ...)
-   - irssi  (bug #936074)
+   - irssi 1.2.2-1 (bug #936074)
[buster] - irssi  (Minor issue)
[stretch] - irssi  (Vulnerable code not present)
[jessie] - irssi  (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f3cd1efd6c679ce5a62e5f684de83b8f8a87912


[Git][security-tracker-team/security-tracker][master] CVE-2017-15124/qemu: reference complementary VNC/SASL patch

2019-09-12 Thread Sylvain Beucler


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9ab30f6d by Sylvain Beucler at 2019-09-12T15:27:29Z
CVE-2017-15124/qemu: reference complementary VNC/SASL patch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -106642,6 +106642,8 @@ CVE-2017-15124 (VNC server implementation in Quick 
Emulator (QEMU) 2.11.0 and ol
- qemu-kvm 
[wheezy] - qemu-kvm  (Can be fixed along in later update)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/19/4
+   NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg03705.html
+   NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2018-02/msg00796.html
 CVE-2017-15123 (A flaw was found in the CloudForms web interface, versions 5.8 
- 5.10, ...)
NOT-FOR-US: CloudForms
 CVE-2017-15122
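Review bot: the two NOTE lines added under CVE-2017-15124 are bare qemu-devel archive links (2017-12/msg03705 and 2018-02/msg00796) with nothing to say what each one is, and the commit message speaks of a single complementary VNC/SASL patch. Suggest a short description on each line, or a preceding NOTE stating which message carries the VNC/SASL patch and what the other adds, so the entry can be read without opening both threads.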



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9ab30f6d6b5019c5dc817bcc31884289d7f027f0


[Git][security-tracker-team/security-tracker][master] Claim clamav and dnsmasq from dla-needed

2019-09-12 Thread Jonas Meurer


Jonas Meurer pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
12d00673 by Jonas Meurer at 2019-09-12T15:25:37Z
Claim clamav and dnsmasq from dla-needed

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -21,14 +21,14 @@ ansible (Roberto C. Sánchez)
 cimg (Thorsten Alteholz)
   NOTE: inline function load_network_external is affected, variable filename
 --
-clamav
+clamav (Jonas Meurer)
   NOTE: wait for definitive patch to be available, then upgrade to latest 
upstream
   NOTE: release (follow stretch changes) (hle)
   NOTE: https://lists.debian.org/debian-lts/2019/08/msg00023.html
   NOTE: 20190822: upstream has released 0.101.4, wait for stretch update (see 
bug
   NOTE: report) (hle)
 --
-dnsmasq
+dnsmasq (Jonas Meurer)
 --
 freeimage
   NOTE: Maintainer will take care of the update.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/12d006732ee51126de26319f07b0fc4e2cd22a0d


[Git][security-tracker-team/security-tracker][master] Reserve DLA-1919-1 for linux-4.9

2019-09-12 Thread Ben Hutchings


Ben Hutchings pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c600964e by Ben Hutchings at 2019-09-12T14:30:07Z
Reserve DLA-1919-1 for linux-4.9

- - - - -


1 changed file:

- data/DLA/list


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[12 Sep 2019] DLA-1919-1 linux-4.9 - security update
+   {CVE-2019-0136 CVE-2019-9506 CVE-2019-11487 CVE-2019-15211 
CVE-2019-15212 CVE-2019-15215 CVE-2019-15216 CVE-2019-15218 CVE-2019-15219 
CVE-2019-15220 CVE-2019-15221 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 
CVE-2019-15807 CVE-2019-15924 CVE-2019-15926}
+   [jessie] - linux-4.9 4.9.189-3~deb8u1
 [12 Sep 2019] DLA-1918-1 libonig - security update
{CVE-2019-16163}
[jessie] - libonig 5.9.5-3.2+deb8u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c600964e138284c43164529e29a0243313d769ac


[Git][security-tracker-team/security-tracker][master] CVE-2019-16163/libonig: update jessie status

2019-09-12 Thread Sylvain Beucler


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f3d0fd8 by Sylvain Beucler at 2019-09-12T09:58:12Z
CVE-2019-16163/libonig: update jessie status

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -245,7 +245,6 @@ CVE-2019-16163 (Oniguruma before 6.9.3 allows Stack 
Exhaustion in regcomp.c beca
- libonig  (low; bug #939988)
[buster] - libonig  (Minor issue)
[stretch] - libonig  (Minor issue)
-   [jessie] - libonig  (Minor issue)
NOTE: https://github.com/kkos/oniguruma/issues/147
NOTE: 
https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180
 CVE-2019-16162 (Onigmo through 6.2.0 has an out-of-bounds read in 
parse_char_class bec ...)
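
Review bot: the `[jessie] - libonig  (Minor issue)` line is deleted with no replacement, and the commit message says only "update jessie status". State the reason in the message, for example that DLA-1918-1 now covers CVE-2019-16163 for jessie, so the deletion is not mistaken for an accidental drop while buster and stretch keep their lines.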



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f3d0fd8308c8345fce55b66deb8955a9c4e07a1


[Git][security-tracker-team/security-tracker][master] Reserve DLA-1918-1 for libonig

2019-09-12 Thread Sylvain Beucler


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3fec19d5 by Sylvain Beucler at 2019-09-12T09:23:12Z
Reserve DLA-1918-1 for libonig

- - - - -


1 changed file:

- data/DLA/list


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[12 Sep 2019] DLA-1918-1 libonig - security update
+   {CVE-2019-16163}
+   [jessie] - libonig 5.9.5-3.2+deb8u3
 [12 Sep 2019] DLA-1917-1 curl - security update
{CVE-2019-5482}
[jessie] - curl 7.38.0-4+deb8u16
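
Review bot: the new `{CVE-2019-16163}` entry records a jessie fix in libonig 5.9.5-3.2+deb8u3, yet this commit leaves data/CVE/list untouched, where jessie is still tagged "Minor issue" for that CVE until commit 3f3d0fd8 35 minutes later. Folding the status change into the reservation commit would keep the two files consistent at every revision.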



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fec19d50cfa1aa2a2bcc8d9105033d826caa53b


[Git][security-tracker-team/security-tracker][master] Reserve DLA-1917-1 for curl

2019-09-12 Thread Chris Lamb


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23b8cd27 by Chris Lamb at 2019-09-12T08:38:15Z
Reserve DLA-1917-1 for curl

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[12 Sep 2019] DLA-1917-1 curl - security update
+   {CVE-2019-5482}
+   [jessie] - curl 7.38.0-4+deb8u16
 [11 Sep 2019] DLA-1916-1 opensc - security update
{CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 
CVE-2018-16419 CVE-2018-16420 CVE-2018-16421 CVE-2018-16422 CVE-2018-16423 
CVE-2018-16424 CVE-2018-16425 CVE-2018-16426 CVE-2018-16427 CVE-2019-15945 
CVE-2019-15946}
[jessie] - opensc 0.16.0-3+deb8u1


=
data/dla-needed.txt
=
@@ -28,8 +28,6 @@ clamav
   NOTE: 20190822: upstream has released 0.101.4, wait for stretch update (see 
bug
   NOTE: report) (hle)
 --
-curl (Chris Lamb)
---
 dnsmasq
 --
 freeimage



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/23b8cd27af68ce73a0687941f952f73a3e08603e


[Git][security-tracker-team/security-tracker][master] automatic update

2019-09-12 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d83e6b81 by security tracker role at 2019-09-12T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,37 @@
+CVE-2019-16255
+   RESERVED
+CVE-2019-16254
+   RESERVED
+CVE-2019-16253
+   RESERVED
+CVE-2019-16252
+   RESERVED
+CVE-2019-16251
+   RESERVED
+CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 
1.5.8 for ...)
+   TODO: check
+CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load 
in core ...)
+   TODO: check
+CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android 
does not d ...)
+   TODO: check
+CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at 
CommLib!CCommL ...)
+   TODO: check
+CVE-2019-16246
+   RESERVED
+CVE-2019-16245
+   RESERVED
+CVE-2019-16244
+   RESERVED
+CVE-2019-16243
+   RESERVED
+CVE-2019-16242
+   RESERVED
+CVE-2019-16241
+   RESERVED
+CVE-2019-16240
+   RESERVED
+CVE-2019-16239
+   RESERVED
 CVE-2019- [signature bypass with multiple From addresses]
- opendmarc  (bug #940081)
NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/48
@@ -2490,8 +2524,8 @@ CVE-2019-15304 (Lierda Grill Temperature Monitor 
V1.00_50006 has a default passw
NOT-FOR-US: Lierda Grill Temperature Monitor
 CVE-2019-15303
RESERVED
-CVE-2019-15302
-   RESERVED
+CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 
allows a  ...)
+   TODO: check
 CVE-2019-15301
RESERVED
 CVE-2019-15300
@@ -8790,24 +8824,24 @@ CVE-2019-13546
RESERVED
 CVE-2019-13545
RESERVED
-CVE-2019-13544
-   RESERVED
+CVE-2019-13544 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
out-of-b ...)
+   TODO: check
 CVE-2019-13543
RESERVED
 CVE-2019-13542
RESERVED
 CVE-2019-13541
RESERVED
-CVE-2019-13540
-   RESERVED
+CVE-2019-13540 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
stack-ba ...)
+   TODO: check
 CVE-2019-13539
RESERVED
 CVE-2019-13538
RESERVED
 CVE-2019-13537
RESERVED
-CVE-2019-13536
-   RESERVED
+CVE-2019-13536 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple 
heap-bas ...)
+   TODO: check
 CVE-2019-13535
RESERVED
 CVE-2019-13534
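Review bot: CVE-2019-13544, CVE-2019-13540 and CVE-2019-13536 all gain a Delta Electronics TPEditor description and all land as `TODO: check`. Triage the three together in one follow-up so they end up with the same status line rather than being resolved one at a time.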
@@ -13396,8 +13430,8 @@ CVE-2019-11771 (AIX builds of Eclipse OpenJ9 before 
0.15.0 contain unused RPATHs
NOT-FOR-US: Eclipse OpenJ9
 CVE-2019-11770 (In Eclipse Buildship versions prior to 3.1.1, the build files 
indicate ...)
NOT-FOR-US: Eclipse Buildship
-CVE-2019-11769
-   RESERVED
+CVE-2019-11769 (An issue was discovered in TeamViewer 14.2.2558. Updating the 
product  ...)
+   TODO: check
 CVE-2019-11768 (An issue was discovered in phpMyAdmin before 4.9.0.1. A 
vulnerability  ...)
- phpmyadmin  (bug #930048)
[jessie] - phpmyadmin  (vulnerable code is not present)
@@ -18167,11 +18201,9 @@ CVE-2019-10076 (A carefully crafted malicious 
attachment could trigger an XSS vu
- jspwiki 
 CVE-2019-10075
RESERVED
-CVE-2019-10074
-   RESERVED
+CVE-2019-10074 (An RCE is possible by entering Freemarker markup in an Apache 
OFBiz Fo ...)
NOT-FOR-US: Apache OFBiz
-CVE-2019-10073
-   RESERVED
+CVE-2019-10073 (The "Blog", "Forum", "Contact Us" screens of the template 
"ecommerce"  ...)
NOT-FOR-US: Apache OFBiz
 CVE-2019-10072 (The fix for CVE-2019-0199 was incomplete and did not address 
HTTP/2 co ...)
- tomcat9 9.0.22-1 (bug #931131)
@@ -32019,10 +32051,10 @@ CVE-2019-5057 (An exploitable code execution 
vulnerability exists in the PCX ima
NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
 CVE-2019-5056
RESERVED
-CVE-2019-5055
-   RESERVED
-CVE-2019-5054
-   RESERVED
+CVE-2019-5055 (An exploitable denial-of-service vulnerability exists in the 
Host Acce ...)
+   TODO: check
+CVE-2019-5054 (An exploitable denial-of-service vulnerability exists in the 
session h ...)
+   TODO: check
 CVE-2019-5053
RESERVED
 CVE-2019-5052 (An exploitable integer overflow vulnerability exists when 
loading a PC ...)
@@ -34944,16 +34976,16 @@ CVE-2019-3765
RESERVED
 CVE-2019-3764
RESERVED
-CVE-2019-3763
-   RESERVED
+CVE-2019-3763 (The RSA Identity Governance and Lifecycle software and RSA Via 
Lifecyc ...)
+   TODO: check
 CVE-2019-3762
RESERVED
-CVE-2019-3761
-   RESERVED
-CVE-2019-3760
-   RESERVED
-CVE-2019-3759
-   RESERVED
+CVE-2019-3761 (The RSA Identity Governance and Lifecycle software and RSA Via 
Lifecyc ...)
+   TODO: check
+CVE-2019-3760 (The RSA Identity Governance and Lifecycle software and RSA Via 
Lifecyc ...)
+   TODO: check

[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim curl.

2019-09-12 Thread Chris Lamb


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb186e1e by Chris Lamb at 2019-09-12T07:08:38Z
data/dla-needed.txt: Claim curl.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -28,7 +28,7 @@ clamav
   NOTE: 20190822: upstream has released 0.101.4, wait for stretch update (see 
bug
   NOTE: report) (hle)
 --
-curl
+curl (Chris Lamb)
 --
 dnsmasq
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb186e1e29d01feb12c3b93556078513979e9063
