[Git][security-tracker-team/security-tracker][master] new symfony issues

Moritz Muehlenhoff jmm at debian.org
Fri Dec 7 07:51:40 GMT 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e6f05dd by Moritz Muehlenhoff at 2018-12-07T07:51:16Z
new symfony issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -359,10 +359,14 @@ CVE-2018-19792 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows lo
 	NOT-FOR-US: OpenLiteSpeed
 CVE-2018-19791 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not ...)
 	NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19790
+CVE-2018-19790 [symfony: Open Redirect Vulnerability when using Security\Http]
 	RESERVED
-CVE-2018-19789
+	- symfony 3.4.20+dfsg-1
+	NOTE: https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
+CVE-2018-19789 [symfony: Disclosure of uploaded files full path]
 	RESERVED
+	- symfony 3.4.20+dfsg-1
+	NOTE: https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
 CVE-2018-19788 (A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user ...)
 	- policykit-1 <unfixed> (bug #915332)
 	NOTE: https://gitlab.freedesktop.org/polkit/polkit/issues/74



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e6f05dd43d6d780ce47b7a8b66624f057bfd2d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e6f05dd43d6d780ce47b7a8b66624f057bfd2d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181207/22ee043a/attachment.html>


More information about the debian-security-tracker-commits mailing list