[Git][security-tracker-team/security-tracker][master] Adjust affectness information for CVE-2018-19443/tryton-client
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 22 22:25:08 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aaba8130 by Salvatore Bonaccorso at 2018-11-22T22:23:12Z
Adjust affectness information for CVE-2018-19443/tryton-client
The vulnerable version 5.0.0 was never in Debian, and the next upload to
unstable straight bumped the version to 5.0.2 from 4.6.5 based version.
As such mark the issue as never have been affecting a Debian version of
src:tryton-client.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -40,9 +40,7 @@ CVE-2018-19439
CVE-2018-19438
RESERVED
CVE-2018-19443 (The client in Tryton 5.x before 5.0.1 tries to make a connection to the ...)
- - tryton-client 5.0.2-1
- [stretch] - tryton-client <not-affected> (Only affects 5.x)
- [jessie] - tryton-client <not-affected> (Only affects 5.x)
+ - tryton-client <not-affected> (Only affects 5.x, vulnerable 5.0.0 version never in Debian)
NOTE: https://discuss.tryton.org/t/security-release-for-issue7792/830
NOTE: https://bugs.tryton.org/issue7792
CVE-2018-19437 (UCMS 1.4.7 allows remote authenticated users to change the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aaba81301e752890f8164a708b3d8f2ec511a27b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aaba81301e752890f8164a708b3d8f2ec511a27b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181122/dc46f5a0/attachment.html>
More information about the debian-security-tracker-commits
mailing list