[Git][security-tracker-team/security-tracker][master] add references

Moritz Muehlenhoff jmm at debian.org
Fri Dec 13 13:10:26 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f8c22be by Moritz Muehlenhoff at 2019-12-13T13:10:07Z
add references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2684,6 +2684,7 @@ CVE-2019-19604 (Arbitrary command execution is possible in Git before 2.20.2, 2.
 	NOTE: provided by the fsck  is useful for protecting unpatched clients that are affected
 	NOTE: by the bug.
 	NOTE: https://gitlab.com/gitlab-com/gl-security/disclosures/blob/master/003_git_submodule/advisory.md
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-19603 (SQLite 3.30.1, during handling of CREATE TABLE and CREATE VIEW stateme ...)
 	- sqlite3 <unfixed>
 	NOTE: https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13
@@ -60655,6 +60656,7 @@ CVE-2019-1387
 	{DSA-4581-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1386
 	RESERVED
 CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
@@ -60724,36 +60726,43 @@ CVE-2019-1354
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1353
 	RESERVED
 	{DSA-4581-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1352
 	RESERVED
 	{DSA-4581-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1351
 	RESERVED
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1350
 	RESERVED
 	- git 1:2.24.0-2 (unimportant)
 	[buster] - git 1:2.20.1-2+deb10u1
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1349
 	RESERVED
 	{DSA-4581-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1348
 	RESERVED
 	{DSA-4581-1}
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
 CVE-2019-1347 (A denial of service vulnerability exists when Windows improperly handl ...)
 	NOT-FOR-US: Microsoft
 CVE-2019-1346 (A denial of service vulnerability exists when Windows improperly handl ...)
@@ -80816,6 +80825,7 @@ CVE-2018-12900 (Heap-based buffer overflow in the cpSeparateBufToContigBuf funct
 	[stretch] - tiff <postponed> (Minor issue, can be fixed along in future DSA)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2798
 	NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/60
+	NOTE: https://gitlab.com/libtiff/libtiff/commit/27124e9148b2056d0e0bf4033b4924d5d2a38d01
 CVE-2018-12899
 	RESERVED
 CVE-2018-12898



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f8c22be15a555682754ee5d3ca4e7fb07e521dc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f8c22be15a555682754ee5d3ca4e7fb07e521dc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191213/25c7c6af/attachment.html>

More information about the debian-security-tracker-commits mailing list