[Git][security-tracker-team/security-tracker][master] Start tracking source package for CVE-2019-0223/qpid-proton

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cfbaaf4a by Salvatore Bonaccorso at 2019-04-24T07:38:18Z
Start tracking source package for CVE-2019-0223/qpid-proton

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30510,7 +30510,14 @@ CVE-2019-0225 (A specially crafted url could be used to access files under the R
 CVE-2019-0224 (In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could ex ...)
 	- jspwiki <removed>
 CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under some cir ...)
-	TODO: check
+	- qpid-proton <unfixed>
+	NOTE: https://issues.apache.org/jira/browse/PROTON-2014
+	NOTE: https://qpid.apache.org/cves/CVE-2019-0223.html
+	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733
+	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=159fac1
+	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=4aea0fd
+	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=2d3ba8a
+	TODO: check details
 CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ...)
 	- activemq <unfixed> (bug #925964)
 	[jessie] - activemq <not-affected> (MQTT support not enabled)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cfbaaf4a9800f34249d20644f60973d92f3a992a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cfbaaf4a9800f34249d20644f60973d92f3a992a
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190424/265d3617/attachment.html>