[Git][security-tracker-team/security-tracker][master] Add new git issues
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 10 18:06:02 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf1a4d1d by Salvatore Bonaccorso at 2019-12-10T18:05:34Z
Add new git issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -155,6 +155,16 @@ CVE-2019-19605
RESERVED
CVE-2019-19604
RESERVED
+ - git <unfixed>
+ [buster] - git 1:2.20.1-2+deb10u1
+ [stretch] - git <not-affected> (Vulnerable code introduced in v2.20.0-rc0)
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e904deb89d9a9669a76a426182506a084d3f6308
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=bb92255ebe6bccd76227e023d6d0bc997e318ad0
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c1547450748fcbac21675f2681506d2d80351a19
+ NOTE: Upstream did backport fixes for CVE-2019-19604 to older versions as the introducing
+ NOTE: version for sake of robustness/hardening. In particular, the server-side protection
+ NOTE: provided by the fsck is useful for protecting unpatched clients that are affected
+ NOTE: by the bug.
CVE-2019-19603
RESERVED
CVE-2019-19601 (OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ...)
@@ -58072,6 +58082,8 @@ CVE-2019-1388 (An elevation of privilege vulnerability exists in the Windows Cer
NOT-FOR-US: Microsoft
CVE-2019-1387
RESERVED
+ - git <unfixed>
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
CVE-2019-1386
RESERVED
CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
@@ -58138,18 +58150,36 @@ CVE-2019-1355
RESERVED
CVE-2019-1354
RESERVED
+ - git <unfixed> (unimportant)
+ [buster] - git 1:2.20.1-2+deb10u1
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
CVE-2019-1353
RESERVED
+ - git <unfixed>
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
CVE-2019-1352
RESERVED
+ - git <unfixed> (unimportant)
+ [buster] - git 1:2.20.1-2+deb10u1
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
CVE-2019-1351
RESERVED
+ - git <unfixed> (unimportant)
+ [buster] - git 1:2.20.1-2+deb10u1
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
CVE-2019-1350
RESERVED
+ - git <unfixed> (unimportant)
+ [buster] - git 1:2.20.1-2+deb10u1
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
CVE-2019-1349
RESERVED
+ - git <unfixed>
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
CVE-2019-1348
RESERVED
+ - git <unfixed>
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
CVE-2019-1347 (A denial of service vulnerability exists when Windows improperly handl ...)
NOT-FOR-US: Microsoft
CVE-2019-1346 (A denial of service vulnerability exists when Windows improperly handl ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf1a4d1da993ae2660621b3055e59e81390e54ef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf1a4d1da993ae2660621b3055e59e81390e54ef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191210/b06f39d2/attachment.html>
More information about the debian-security-tracker-commits
mailing list