[Git][security-tracker-team/security-tracker][master] dia unimportant

Moritz Muehlenhoff jmm at debian.org
Sun Dec 1 18:23:41 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c88630c by Moritz Muehlenhoff at 2019-12-01T18:23:08Z
dia unimportant
libvncserver no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -233,12 +233,11 @@ CVE-2019-19453
 CVE-2019-19452
 	RESERVED
 CVE-2019-19451 (When GNOME Dia before 2019-11-27 is launched with a filename argument  ...)
-	- dia <unfixed> (bug #945876)
-	[buster] - dia <no-dsa> (Minor issue)
-	[stretch] - dia <no-dsa> (Minor issue)
+	- dia <unfixed> (unimportant; bug #945876)
 	NOTE: https://gitlab.gnome.org/GNOME/dia/issues/428
 	NOTE: Introduced by: https://gitlab.gnome.org/GNOME/dia/commit/9a5f438d4b3e718c8ab0efe01d08ee2c3a0d9a86
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/dia/commit/baa2df853f9fb770eedcf3d94c7f5becebc90bb9
+	NOTE: Negligible security impact, hang in end user tool
 CVE-2019-19450
 	RESERVED
 CVE-2019-19449
@@ -13268,7 +13267,9 @@ CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access rea
 CVE-2019-15681 (LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains ...)
 	{DLA-2014-1 DLA-1979-1 DLA-1977-1}
 	[experimental] - libvncserver 0.9.12+dfsg-1
-	- libvncserver <unfixed> (bug #943793)
+	- libvncserver <unfixed> (low; bug #943793)
+	[buster] - libvncserver <no-dsa> (Minor issue)
+	[stretch] - libvncserver <no-dsa> (Minor issue)
 	- italc <removed>
 	- vino <unfixed> (bug #945784)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c88630cc2f2ca4780bec9ed45b0d10a04840acf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c88630cc2f2ca4780bec9ed45b0d10a04840acf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191201/95ccf70f/attachment.html>

More information about the debian-security-tracker-commits mailing list