[Git][security-tracker-team/security-tracker][master] Add CVE-2019-15239/linux
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 20 11:27:02 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
69c8692c by Salvatore Bonaccorso at 2019-08-20T10:26:34Z
Add CVE-2019-15239/linux
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2019-15239 [TCP reconnection use-after-free]
+ - linux 4.15.4-1
+ NOTE: https://pulsesecurity.co.nz/advisories/linux-kernel-4.9-tcpsocketsuaf
+ NOTE: Workaround entry for main entry as the issue never affected upstream version
+ NOTE: actually and is specific to the stable versions backports.
CVE-2019-15238
RESERVED
CVE-2019-15237 (Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, ...)
=====================================
data/DLA/list
=====================================
@@ -23,7 +23,7 @@
{CVE-2017-18509 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856 CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284}
[jessie] - linux-4.9 4.9.168-1+deb9u5~deb8u1
[13 Aug 2019] DLA-1884-1 linux - security update
- {CVE-2017-18509 CVE-2018-20836 CVE-2019-1125 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284}
+ {CVE-2017-18509 CVE-2018-20836 CVE-2019-1125 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-15239}
[jessie] - linux 3.16.72-1
[13 Aug 2019] DLA-1883-1 tomcat8 - security update
{CVE-2016-5388 CVE-2018-8014 CVE-2019-0221}
=====================================
data/DSA/list
=====================================
@@ -20,7 +20,7 @@
[stretch] - python-django 1:1.10.7-2+deb9u6
[buster] - python-django 1:1.11.23-1~deb10u1
[13 Aug 2019] DSA-4497-1 linux - security update
- {CVE-2015-8553 CVE-2017-18509 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856 CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284}
+ {CVE-2015-8553 CVE-2017-18509 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856 CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-15239}
[stretch] - linux 4.9.168-1+deb9u5
[11 Aug 2019] DSA-4496-1 pango1.0 - security update
{CVE-2019-1010238}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/69c8692c54601b94ca1b912c5f82754db2ee2a91
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/69c8692c54601b94ca1b912c5f82754db2ee2a91
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190820/22175bfd/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list