[Git][security-tracker-team/security-tracker][master] Add CVE-2019-11072/lighttpd
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 11 20:18:09 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ae584324 by Salvatore Bonaccorso at 2019-04-11T19:17:27Z
Add CVE-2019-11072/lighttpd
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,9 @@ CVE-2019-11074
CVE-2019-11073
RESERVED
CVE-2019-11072 (lighttpd before 1.4.54 has a signed integer overflow, which might allo ...)
- TODO: check
+ - lighttpd <unfixed>
+ NOTE: https://redmine.lighttpd.net/issues/2945
+ NOTE: https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354
CVE-2019-11070 (WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly ap ...)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae58432467129a0ef8b8291dd85e0fac9f46c2f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae58432467129a0ef8b8291dd85e0fac9f46c2f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190411/86626194/attachment.html>
More information about the debian-security-tracker-commits
mailing list