[Git][security-tracker-team/security-tracker][master] new postgres, clamav issues

Moritz Muehlenhoff jmm at debian.org
Thu Aug 8 16:13:43 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d043069e by Moritz Muehlenhoff at 2019-08-08T15:12:43Z
new postgres, clamav issues
musl no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2019-XXXX [clamav zip DoS]
+	- clamav 0.101.2+dfsg-3
+	[buster] - clamav <no-dsa> (ClamAV is updated via -updates)
+	[stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
 CVE-2019-14774
 	RESERVED
 CVE-2019-14773
@@ -182,6 +186,8 @@ CVE-2019-14690 (AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::
 	NOTE: https://github.com/adplug/adplug/issues/85
 CVE-2019-14697 (musl libc through 1.1.23 has an x87 floating-point stack adjustment im ...)
 	- musl 1.1.23-2
+	[buster] - musl <no-dsa> (Minor issue)
+	[stretch] - musl <no-dsa> (Minor issue)
 	NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441
 	NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=6818c31c9bc4bbad5357f1de14bedf781e5b349e
 	NOTE: https://www.openwall.com/lists/oss-security/2019/08/06/1
@@ -13075,10 +13081,14 @@ CVE-2019-10211
 	RESERVED
 CVE-2019-10210
 	RESERVED
-CVE-2019-10209
+CVE-2019-10209 [postgres: Fix execution of hashed subplans that require cross-type comparison]
 	RESERVED
-CVE-2019-10208
+	- postgresql-11 11.5-1
+	NOTE: https://www.postgresql.org/docs/11/release-11-5.html
+CVE-2019-10208 [postgres: Require schema qualification to cast to a temporary type when using functional cast syntax]
 	RESERVED
+	- postgresql-11 11.5-1
+	NOTE: https://www.postgresql.org/docs/11/release-11-5.html
 CVE-2019-10207 [bluetooth: hci_uart: 0x0 address  execution as nonprivileged user]
 	RESERVED
 	- linux 5.2.6-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d043069eb5c861aa9174df57c202c1dadaa12861

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d043069eb5c861aa9174df57c202c1dadaa12861
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190808/47e38e1c/attachment.html>

More information about the debian-security-tracker-commits mailing list