[Git][security-tracker-team/security-tracker][master] stretch triage

Moritz Muehlenhoff jmm at debian.org
Wed Dec 12 21:01:59 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6871666 by Moritz Muehlenhoff at 2018-12-12T21:01:32Z
stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,6 +42,7 @@ CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. There is a path trave
 	TODO: check
 CVE-2018-XXXX [response discrepancy information exposure]
 	- mini-httpd <unfixed> (bug #916190)
+	[stretch] - mini-httpd <no-dsa> (Minor issue)
 	NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2018-01.md
 CVE-2018-20093
 	RESERVED
@@ -111,6 +112,7 @@ CVE-2018-20061 (A SQL injection issue was discovered in ERPNext 10.x and 11.x th
 	NOT-FOR-US: Frappe ERPNext
 CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HTTP ...)
 	- python-urllib3 1.24-1
+	[stretch] - python-urllib3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/urllib3/urllib3/issues/1316
 	NOTE: https://github.com/urllib3/urllib3/pull/1346
 	NOTE: https://github.com/urllib3/urllib3/commit/3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c
@@ -5792,6 +5794,7 @@ CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the .
 CVE-2018-19516
 	RESERVED
 	- kf5-messagelib <unfixed> (bug #915039)
+	[stretch] - kf5-messagelib <no-dsa> (Minor issue)
 	NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt
 	NOTE: https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612
 CVE-2018-19515



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181212/7fd63b2b/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list