[Git][security-tracker-team/security-tracker][master] Add CVE-2019-19687/keystone

Wed Dec 11 21:38:30 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e8822ae8 by Salvatore Bonaccorso at 2019-12-11T21:37:51Z
Add CVE-2019-19687/keystone

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1324,7 +1324,11 @@ CVE-2019-19689
 CVE-2019-19688
 	RESERVED
 CVE-2019-19687 (OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in th ...)
-	TODO: check
+	- keystone <unfixed>
+	[buster] - keystone <not-affected> (Vulnerable code introduced later)
+	[stretch] - keystone <not-affected> (Vulnerable code introduced later)
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/11/8
+	NOTE: https://bugs.launchpad.net/keystone/+bug/1855080
 CVE-2019-19686
 	RESERVED
 CVE-2019-19685 (RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8822ae813b90c9ce772ee7fb27a188ca5504c8e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8822ae813b90c9ce772ee7fb27a188ca5504c8e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191211/2a43e5b9/attachment.html>
