[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-1678{5,6}/waitress
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 24 09:47:08 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
46e23334 by Salvatore Bonaccorso at 2019-12-24T09:45:09Z
Add Debian bug reference for CVE-2019-1678{5,6}/waitress
- - - - -
222563e7 by Salvatore Bonaccorso at 2019-12-24T09:45:46Z
Remove reference to (unfortunately) not-stable URLs
Crosschecked with the GHSA advisories it seems that enough detail
information is provided there as well, so we can drop the urls to the
changes which are floating and not anchored to the details :(
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15742,18 +15742,16 @@ CVE-2019-16789
CVE-2019-16788
RESERVED
CVE-2019-16786 (Waitress through version 1.3.1 would parse the Transfer-Encoding heade ...)
- - waitress <unfixed>
+ - waitress <unfixed> (bug #947306)
[buster] - waitress <no-dsa> (Minor issue)
[stretch] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
- NOTE: https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
NOTE: https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 ...)
- - waitress <unfixed>
+ - waitress <unfixed> (bug #947306)
[buster] - waitress <no-dsa> (Minor issue)
[stretch] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
- NOTE: https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
NOTE: https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba
CVE-2019-16784
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b73f96fbff8128a5ad7cb99386b13fee965c76c3...222563e793406c509aa9a68d46ef4ac2afc7657e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191224/dee2c8e9/attachment.html>
More information about the debian-security-tracker-commits
mailing list