[Git][security-tracker-team/security-tracker][master] Add tracking bug for nodejs issues

Salvatore Bonaccorso carnil at debian.org
Fri Aug 16 09:43:38 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a5f07830 by Salvatore Bonaccorso at 2019-08-16T08:43:07Z
Add tracking bug for nodejs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17172,7 +17172,7 @@ CVE-2019-9514 (Some HTTP/2 implementations are vulnerable to a reset flood, pote
 	- golang-1.7 <removed>
 	- golang <removed>
 	- golang-golang-x-net-dev <unfixed>
-	- nodejs <unfixed>
+	- nodejs <unfixed> (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	- trafficserver <unfixed> (bug #934887)
@@ -17186,7 +17186,7 @@ CVE-2019-9514 (Some HTTP/2 implementations are vulnerable to a reset flood, pote
 	NOTE: https://github.com/h2o/h2o/issues/2090
 CVE-2019-9513 (Some HTTP/2 implementations are vulnerable to resource loops, potentia ...)
 	- nginx <unfixed>
-	- nodejs <unfixed>
+	- nodejs <unfixed> (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	NOTE: https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
@@ -17211,7 +17211,7 @@ CVE-2019-9512 (Some HTTP/2 implementations are vulnerable to ping floods, potent
 	NOTE: https://github.com/h2o/h2o/issues/2090
 CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipulation ...)
 	- nginx <unfixed>
-	- nodejs <unfixed>
+	- nodejs <unfixed> (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	NOTE: https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5f07830f23ec0ab501c2ec8fdc3af59594c1d61

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5f07830f23ec0ab501c2ec8fdc3af59594c1d61
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190816/41938c3c/attachment.html>

More information about the debian-security-tracker-commits mailing list