[Git][security-tracker-team/security-tracker][master] new golang-github-miekg-dns issue

Tue Dec 17 09:58:06 GMT 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
110f95b0 by Moritz Muehlenhoff at 2019-12-17T09:57:39Z
new golang-github-miekg-dns issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87,7 +87,11 @@ CVE-2019-19796 (Yabasic 2.86.2 has a heap-based buffer overflow in myformat in f
 CVE-2019-19795 (samurai 0.7 has a heap-based buffer overflow in canonpath in util.c vi ...)
 	NOT-FOR-US: samurai
 CVE-2019-19794 (The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6. ...)
-	TODO: check
+	- golang-github-miekg-dns <unfixed>
+	NOTE: https://github.com/coredns/coredns/issues/3519
+	NOTE: https://github.com/miekg/dns/compare/v1.1.24...v1.1.25
+	NOTE: https://github.com/miekg/dns/issues/1043
+	NOTE: https://github.com/miekg/dns/pull/1044
 CVE-2019-19793 (In Cyxtera AppGate SDP Client 4.1.x through 4.3.x before 4.3.2 on Wind ...)
 	NOT-FOR-US: Cyxtera AppGate SDP Client
 CVE-2019-19792
@@ -1234,7 +1238,7 @@ CVE-2019-19733
 CVE-2019-19732
 	RESERVED
 CVE-2019-19731 (Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote  ...)
-	TODO: check
+	NOT-FOR-US: Roxy Fileman
 CVE-2019-19730
 	RESERVED
 CVE-2019-19729 (An issue was discovered in the BSON ObjectID (aka bson-objectid) packa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/110f95b05951e355005c994e26e95e6668a73015

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/110f95b05951e355005c994e26e95e6668a73015
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191217/46d3512a/attachment.html>
