[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-4527/c3p0

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fae8cf4 by Salvatore Bonaccorso at 2019-04-25T07:22:24Z
Add Debian bug reference for CVE-2019-4527/c3p0

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15605,7 +15605,7 @@ CVE-2019-5428 (A prototype pollution vulnerability exists in jQuery versions &lt
 	NOTE: Duplicate of CVE-2019-11358	
 	TODO: check (MITRE already contacted)
 CVE-2019-5427 (c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack  ...)
-	- c3p0 <unfixed>
+	- c3p0 <unfixed> (bug #927936)
 	NOTE: https://hackerone.com/reports/509315
 	NOTE: Fixed by: https://github.com/swaldman/c3p0/commit/f38f27635c384806c2a9d6500d80183d9f09d78b
 CVE-2019-5426 (In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fae8cf4f7a62614b5b02fc9f6d1d03eabb0fdca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0fae8cf4f7a62614b5b02fc9f6d1d03eabb0fdca
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190425/cfe64207/attachment-0001.html>