[Git][security-tracker-team/security-tracker][master] Update notes on CVE-2019-16787

Sat Dec 21 08:01:12 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73b39fcd by Salvatore Bonaccorso at 2019-12-21T07:59:44Z
Update notes on CVE-2019-16787

CVE-2019-19905 was assigned by the same issue in netcat. CVE-2019-16787
by the Github team, CVE-2019-19905, by MITRE CNA.

Handling of both CVEs requested to MITRE.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -96,6 +96,10 @@ CVE-2019-19906 (cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write le
 	- cyrus-sasl2 <unfixed> (bug #947043)
 	NOTE: https://github.com/cyrusimap/cyrus-sasl/issues/587
 	NOTE: https://www.openldap.org/its/index.cgi/Incoming?id=9123
+CVE-2019-16787
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-3cm7-rgh5-9pq5
+	NOTE: Duplicate of CVE-2019-19905
+	TODO: wait for MITRE CNA on feedback
 CVE-2019-19905 (NetHack before 3.6.4 is prone to a buffer overflow vulnerability when  ...)
 	- nethack <unfixed> (low; bug #947005)
 	[buster] - nethack <no-dsa> (Minor issue)
@@ -15623,8 +15627,6 @@ CVE-2019-16789
 	RESERVED
 CVE-2019-16788
 	RESERVED
-CVE-2019-16787
-	RESERVED
 CVE-2019-16786
 	RESERVED
 CVE-2019-16785



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b39fcdf9e687edd114bbe8fe44ca2e00cbd614

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73b39fcdf9e687edd114bbe8fe44ca2e00cbd614
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191221/050e403b/attachment.html>
