[Git][security-tracker-team/security-tracker][master] 2 commits: spip 3.0 not affected in Jessie

Sylvain Beucler beuc at debian.org
Wed Apr 10 11:52:28 BST 2019 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c1784d54 by Sylvain Beucler at 2019-04-10T09:54:14Z
spip 3.0 not affected in Jessie

- - - - -
23039f27 by Sylvain Beucler at 2019-04-10T10:52:01Z
graphviz/CVE-2019-11023: minor

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,6 +4,7 @@ CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to do
 	TODO: check
 CVE-2019-XXXX [arbitrary code execution by any identified visitor]
 	- spip 3.2.4-1 (bug #926764)
+	[jessie] - spip <not-affected> (SPIP 3.0 and earlier are not affected)
 	NOTE: https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html?lang=fr
 CVE-2019-11064
 	RESERVED
@@ -93,7 +94,9 @@ CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8
 	TODO: check
 CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ...)
 	- graphviz <unfixed> (bug #926724)
+	[jessie] - graphviz <postponed> (Minor issue; clean crash / DoS)
 	NOTE: https://gitlab.com/graphviz/graphviz/issues/1517
+	NOTE: https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932
 CVE-2019-11022
 	RESERVED
 CVE-2019-11021



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/249cc36d3bc345b11c0cee951a6ddd7a0aa4379c...23039f274f5c088e5541521713feae3334442d69

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/249cc36d3bc345b11c0cee951a6ddd7a0aa4379c...23039f274f5c088e5541521713feae3334442d69
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190410/fac98d67/attachment.html>

More information about the debian-security-tracker-commits mailing list