[Git][security-tracker-team/security-tracker][master] Expand todo for CVE-2019-14655
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 5 20:09:17 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97a75246 by Salvatore Bonaccorso at 2019-08-05T19:07:42Z
Expand todo for CVE-2019-14655
This needs likely to be rejected according to current knowledge.
Reporter of the issue did reached same conclusion that there is no
heap-based buffer oveflow actually but still able to reproduce some
infinite loop.
Let's monitor that CVE later on and look if MITRE rejects it.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2019-14657
CVE-2019-14656
RESERVED
CVE-2019-14655 (Net-SNMP 5.8 has a heap-based buffer overflow because a call to netsnm ...)
- TODO: check
+ TODO: check, this is likely to be REJECTED, cf. own comments from reporter
CVE-2019-14654 (In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authoris ...)
NOT-FOR-US: Joomla!
CVE-2018-20954
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/97a75246723a46cfefacced55ba4229b011ef574
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/97a75246723a46cfefacced55ba4229b011ef574
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190805/1dd0f131/attachment.html>
More information about the debian-security-tracker-commits
mailing list