[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-20505 as not affected for Jessie

Fri, 24 Jan 2020 07:08:06 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
32cfd136 by Thorsten Alteholz at 2020-01-24T15:50:10+01:00
mark CVE-2018-20505 as not affected for Jessie

- - - - -
81610064 by Thorsten Alteholz at 2020-01-24T16:06:29+01:00
mark CVE-2019-9936 as not-affected for Jessie

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46573,7 +46573,7 @@ CVE-2019-9937 (In SQLite 3.27.2, interleaving reads and 
writes in a single trans
 CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix queries inside a 
transaction cou ...)
        - sqlite3 3.27.2-2 (low; bug #925289)
        [stretch] - sqlite3 <no-dsa> (Minor issue)
-       [jessie] - sqlite3 <no-dsa> (Minor issue)
+       [jessie] - sqlite3 <not-affected> (fts5 introducded later, function not 
available for fts3)
        NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
 CVE-2019-9935 (Various Lexmark products have Incorrect Access Control (issue 2 
of 2). ...)
        NOT-FOR-US: Lexmark
@@ -64487,7 +64487,7 @@ CVE-2018-20506 (SQLite before 3.25.3, when the FTS3 
extension is enabled, encoun
 CVE-2018-20505 (SQLite 3.25.2, when queries are run on a table with a 
malformed PRIMAR ...)
        - sqlite3 3.25.3-1
        [stretch] - sqlite3 <no-dsa> (Minor issue)
-       [jessie] - sqlite3 <no-dsa> (Minor issue)
+       [jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
        NOTE: https://sqlite.org/src/info/1a84668dcfdebaf12415d
 CVE-2018-20504
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e94f07d1deffc86ba785d86a3c3d2c7ece4106b...8161006474a220a7f4b98f6311f4a100b7b2236f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e94f07d1deffc86ba785d86a3c3d2c7ece4106b...8161006474a220a7f4b98f6311f4a100b7b2236f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to