[Git][security-tracker-team/security-tracker][master] data/CVE/list: Add upstream commit that fixes CVE-2019-3884, CVE-2018-16878...

Mike Gabriel sunweaver at debian.org
Tue Apr 30 13:48:50 BST 2019 


Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker


Commits:
126b98b9 by Mike Gabriel at 2019-04-30T12:48:38Z
data/CVE/list: Add upstream commit that fixes CVE-2019-3884, CVE-2018-16878 and CVE-2018-16876 in pacemaker.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19037,6 +19037,7 @@ CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 an
 CVE-2019-3885 (A use-after-free flaw was found in pacemaker up to and including versi ...)
 	- pacemaker <unfixed> (bug #927714)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
+	NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749/commits/970736b1c7ad5c78cc5295a4231e546104d55893
 CVE-2019-3884
 	RESERVED
 	NOT-FOR-US: atomic-openshift
@@ -37390,9 +37391,11 @@ CVE-2018-16879 (Ansible Tower before version 3.3.3 does not set a secure channel
 CVE-2018-16878 (A flaw was found in pacemaker up to and including version 2.0.1. An in ...)
 	- pacemaker <unfixed> (bug #927714)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
+	NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749/commits/970736b1c7ad5c78cc5295a4231e546104d55893
 CVE-2018-16877 (A flaw was found in the way pacemaker's client-server authentication w ...)
 	- pacemaker <unfixed> (bug #927714)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
+	NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749/commits/970736b1c7ad5c78cc5295a4231e546104d55893
 CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ...)
 	{DSA-4396-1}
 	- ansible 2.7.6+dfsg-1 (bug #916102)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/126b98b97495deaffbb6978344506362809d5283

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/126b98b97495deaffbb6978344506362809d5283
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190430/a29390c3/attachment.html>

More information about the debian-security-tracker-commits mailing list