[Git][security-tracker-team/security-tracker][master] Annotate second commit for CVE-2019-1352
Salvatore Bonaccorso
carnil at debian.org
Mon Dec 16 05:33:42 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a9fa3ebb by Salvatore Bonaccorso at 2019-12-16T05:32:16Z
Annotate second commit for CVE-2019-1352
This is actually not part of the CVE-2019-1352 (which is specifically
for the .git directory part), but additional safeguard. Keep it listed
for now thus.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60788,8 +60788,9 @@ CVE-2019-1352
{DSA-4581-1}
- git 1:2.24.0-2
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
- NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
+ NOTE: Additional hardening for .gitmodules (but not part of the CVE):
+ NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
CVE-2019-1351
RESERVED
- git 1:2.24.0-2 (unimportant)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9fa3ebb06962101d43e5fc4acf8f83de7a015a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9fa3ebb06962101d43e5fc4acf8f83de7a015a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191216/4032d32f/attachment.html>
More information about the debian-security-tracker-commits
mailing list