[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11503/snapd
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 25 21:42:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
859de65f by Salvatore Bonaccorso at 2019-04-25T20:41:41Z
Add CVE-2019-11503/snapd
- - - - -
2fa83b6f by Salvatore Bonaccorso at 2019-04-25T20:41:58Z
Add CVE-2019-11502/snapd
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,9 +73,11 @@ CVE-2019-11505 (In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8
CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...)
TODO: check
CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...)
- TODO: check
+ - snapd <unfixed>
+ NOTE: https://github.com/snapcore/snapd/pull/6642
CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...)
- TODO: check
+ - snapd <unfixed>
+ NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1
CVE-2017-18367 (libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...)
TODO: check
CVE-2019-11501
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e700815d567547ba2602c023fdfd7c1deef7d64f...2fa83b6f2d6125d2acb84044cf079cdea311f054
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e700815d567547ba2602c023fdfd7c1deef7d64f...2fa83b6f2d6125d2acb84044cf079cdea311f054
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190425/6f1aee86/attachment.html>
More information about the debian-security-tracker-commits
mailing list