[Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2019-11745/nss

Wed Dec 4 08:11:37 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d439990 by Salvatore Bonaccorso at 2019-12-04T08:10:52Z
Add fixed version for CVE-2019-11745/nss

- - - - -
815d8a01 by Salvatore Bonaccorso at 2019-12-04T08:11:17Z
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26383,7 +26383,7 @@ CVE-2019-11746 (A use-after-free vulnerability can occur while manipulating vide
 CVE-2019-11745 [Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate]
 	RESERVED
 	{DLA-2008-1}
-	- nss <unfixed>
+	- nss 2:3.47.1-1
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1586176 (not public)
 	NOTE: Upstream patch: https://hg.mozilla.org/releases/mozilla-esr68/rev/ea1bc0fb2dda
 	NOTE: Fixed in 3.44.3 and 3.47.1 upstream.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3c77997f5c4f17b82a5b59c54c56851e4ec07434...815d8a0186321003866240f15679c6ae19cd4d74

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3c77997f5c4f17b82a5b59c54c56851e4ec07434...815d8a0186321003866240f15679c6ae19cd4d74
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191204/18de661b/attachment-0001.html>
