[Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2019-10877 in teeworlds for jessie LTS.
Chris Lamb
lamby at debian.org
Fri Apr 5 21:12:40 BST 2019
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3c600b65 by Chris Lamb at 2019-04-05T20:12:16Z
Triage CVE-2019-10877 in teeworlds for jessie LTS.
- - - - -
cbef5708 by Chris Lamb at 2019-04-05T20:12:16Z
Triage CVE-2019-10878 for teeworlds in jessie LTS.
- - - - -
0b218419 by Chris Lamb at 2019-04-05T20:12:18Z
Triage CVE-2019-10879 for teeworlds in jessie LTS.
- - - - -
b0d416e7 by Chris Lamb at 2019-04-05T20:12:18Z
Triage CVE-2019-10868 in tryton-server for jessie LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30,14 +30,17 @@ CVE-2018-20816 (An XSS combined with CSRF vulnerability discovered in SalesAgili
TODO: check
CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::O ...)
- teeworlds <unfixed>
+ [jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
NOTE: https://github.com/teeworlds/teeworlds/issues/2070
NOTE: https://github.com/teeworlds/teeworlds/commit/4d529dcd2d01022e979ebfa0b91167dee37cdb8e
CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader: ...)
- teeworlds <unfixed>
+ [jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
NOTE: https://github.com/teeworlds/teeworlds/issues/2073
NOTE: https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in en ...)
- teeworlds <unfixed>
+ [jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
NOTE: https://github.com/teeworlds/teeworlds/issues/2071
NOTE: https://github.com/teeworlds/teeworlds/commit/d25869626a8cfbdd320929ba93ce73abed1402ce
NOTE: https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
@@ -456,6 +459,7 @@ CVE-2019-1003051 (Jenkins IRC Plugin stores credentials unencrypted in its globa
NOT-FOR-US: Jenkins plugin
CVE-2019-10868 (In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 befo ...)
- tryton-server 5.0.4-2
+ [jessie] - tryton-server <not-affected> (vulnerable code is not present)
NOTE: https://discuss.tryton.org/t/security-release-for-issue8189/1262
NOTE: https://bugs.tryton.org/issue8189
NOTE: https://hg.tryton.org/trytond/rev/f58bbfe0aefb
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ca824502ee38e7d8c3f4738835c3e5d7af82deb5...b0d416e7c41d83d8ff68cf49f51f2b38dfdcddbf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ca824502ee38e7d8c3f4738835c3e5d7af82deb5...b0d416e7c41d83d8ff68cf49f51f2b38dfdcddbf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190405/14420784/attachment.html>
More information about the debian-security-tracker-commits
mailing list