[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-1678{5,6}/waitress

Salvatore Bonaccorso carnil at debian.org
Tue Dec 24 09:47:08 GMT 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
46e23334 by Salvatore Bonaccorso at 2019-12-24T09:45:09Z
Add Debian bug reference for CVE-2019-1678{5,6}/waitress

- - - - -
222563e7 by Salvatore Bonaccorso at 2019-12-24T09:45:46Z
Remove reference to (unfortunately) not-stable URLs

Crosschecked with the GHSA advisories it seems that enough detail
information is provided there as well, so we can drop the urls to the
changes which are floating and not anchored to the details :(

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15742,18 +15742,16 @@ CVE-2019-16789
 CVE-2019-16788
 	RESERVED
 CVE-2019-16786 (Waitress through version 1.3.1 would parse the Transfer-Encoding heade ...)
-	- waitress <unfixed>
+	- waitress <unfixed> (bug #947306)
 	[buster] - waitress <no-dsa> (Minor issue)
 	[stretch] - waitress <no-dsa> (Minor issue)
 	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
-	NOTE: https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
 	NOTE: https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
 CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 ...)
-	- waitress <unfixed>
+	- waitress <unfixed> (bug #947306)
 	[buster] - waitress <no-dsa> (Minor issue)
 	[stretch] - waitress <no-dsa> (Minor issue)
 	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
-	NOTE: https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
 	NOTE: https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba 
 CVE-2019-16784
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191224/dee2c8e9/attachment.html>


More information about the debian-security-tracker-commits mailing list