[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18849/tnef as no-dsa for buster and stretch
Salvatore Bonaccorso
carnil at debian.org
Wed Dec 4 14:35:34 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3f351f42 by Salvatore Bonaccorso at 2019-12-04T14:33:39Z
Mark CVE-2019-18849/tnef as no-dsa for buster and stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2305,6 +2305,8 @@ CVE-2019-18850
CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the victim' ...)
{DLA-2005-1}
- tnef <unfixed> (bug #944851)
+ [buster] - tnef <no-dsa> (Minor issue; can be fixed via point release)
+ [stretch] - tnef <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://github.com/verdammelt/tnef/pull/40
CVE-2019-18848 (The json-jwt gem before 1.11.0 for Ruby lacks an element count during ...)
- ruby-json-jwt <unfixed> (bug #944850)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f351f42a480c1b0c9b12deb4b00f0990a6f2408
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f351f42a480c1b0c9b12deb4b00f0990a6f2408
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191204/1ac28879/attachment.html>
More information about the debian-security-tracker-commits
mailing list