[Git][security-tracker-team/security-tracker][master] Add additional Debian bug reference for libxslt issues

Salvatore Bonaccorso carnil at debian.org
Sat Aug 3 14:35:36 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eaf75508 by Salvatore Bonaccorso at 2019-08-03T13:34:34Z
Add additional Debian bug reference for libxslt issues

A user reported for the three CVEs an additional bug, let's add it as
tracking bug as well, even there were already repsective bugs filled.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4931,7 +4931,7 @@ CVE-2019-13119
 	RESERVED
 CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characters of  ...)
 	{DLA-1860-1}
-	- libxslt <unfixed> (low; bug #931320)
+	- libxslt <unfixed> (low; bug #931320; bug #933743)
 	[buster] - libxslt <no-dsa> (Minor issue)
 	[stretch] - libxslt <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
@@ -4939,7 +4939,7 @@ CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characte
 	NOTE: https://oss-fuzz.com/testcase-detail/5197371471822848
 CVE-2019-13117 (In numbers.c in libxslt 1.1.33, an xsl:number with certain format stri ...)
 	{DLA-1860-1}
-	- libxslt <unfixed> (low; bug #931321)
+	- libxslt <unfixed> (low; bug #931321; bug #933743)
 	[buster] - libxslt <no-dsa> (Minor issue)
 	[stretch] - libxslt <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
@@ -10271,7 +10271,7 @@ CVE-2019-11069 (Sequelize version 5 before 5.3.0 does not properly ensure that s
 	NOT-FOR-US: Sequelize
 CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism because ...)
 	{DLA-1756-1}
-	- libxslt <unfixed> (bug #926895)
+	- libxslt <unfixed> (bug #926895; bug #933743)
 	[buster] - libxslt <no-dsa> (Minor issue)
 	[stretch] - libxslt <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12 (not public)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eaf755081cc394b9f71a5ce2f92178c8a1b3cd1e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eaf755081cc394b9f71a5ce2f92178c8a1b3cd1e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190803/1636fa16/attachment.html>

More information about the debian-security-tracker-commits mailing list