[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2019-19624 in opencv for jessie LTS.

Chris Lamb lamby at debian.org
Sun Dec 8 11:53:17 GMT 2019 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
041339f9 by Chris Lamb at 2019-12-08T11:52:16Z
Triage CVE-2019-19624 in opencv for jessie LTS.

- - - - -
5d62277e by Chris Lamb at 2019-12-08T11:52:20Z
data/dla-needed.txt: Triage phpmyadmin for jessie LTS.

- - - - -
64c53424 by Chris Lamb at 2019-12-08T11:52:49Z
data/dla-needed.txt: Add note for phpmyadmin.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,6 +42,7 @@ CVE-2019-19625 (SROS 2 0.8.1 (which provides the tools that generate and distrib
 CVE-2019-19624 (An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifica ...)
 	- opencv 4.1.2+dfsg-3
 	[stretch] - opencv <not-affected> (Vulnerable code introduced later)
+	[jessie] - opencv <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418
 	NOTE: https://github.com/opencv/opencv/issues/14554
 CVE-2019-19623


=====================================
data/dla-needed.txt
=====================================
@@ -84,6 +84,9 @@ php-horde-trean (Roberto C. Sánchez)
   NOTE: 20191126: Corresponding with security team regarding CVE assignments. (roberto)
   NOTE: 20191203: Pinged upstream and MITRE regarding correctness of CVE assignments. (roberto)
 --
+phpmyadmin
+  NOTE: 20191208: Vulnerable code appears to be in libraries/display_git_revision.lib.php. (lamby)
+--
 python-oslo.utils (Abhijith PA)
   NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c79049aaac8dc6f60d4ddbd39bde4a335512f761...64c53424bcc0221bac4dc540a99d8bcd7a498eaa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c79049aaac8dc6f60d4ddbd39bde4a335512f761...64c53424bcc0221bac4dc540a99d8bcd7a498eaa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191208/a1e18bd9/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list