[Git][security-tracker-team/security-tracker][master] 3 commits: Reference upstream commit for CVE-2019-19647/radare2

Salvatore Bonaccorso carnil at debian.org
Thu Dec 26 12:53:44 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b3acc7b by Salvatore Bonaccorso at 2019-12-26T12:44:36Z
Reference upstream commit for CVE-2019-19647/radare2

- - - - -
a9b94d42 by Salvatore Bonaccorso at 2019-12-26T12:45:04Z
Mark CVE-2019-19647/radare2 as no-dsa for buster and stretch

- - - - -
46f8c7f1 by Salvatore Bonaccorso at 2019-12-26T12:52:54Z
Add Debian bug reference for CVE-2019-19647/radare2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3762,8 +3762,11 @@ CVE-2019-19648 (In the macho_parse_file functionality in macho/macho.c of YARA 3
 	- yara <unfixed>
 	NOTE: https://github.com/VirusTotal/yara/issues/1178
 CVE-2019-19647 (radare2 through 4.0.0 lacks validation of the content variable in the  ...)
-	- radare2 <unfixed>
+	- radare2 <unfixed> (bug #947402)
+	[buster] - radare2 <no-dsa> (Minor issue)
+	[stretch] - radare2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/radareorg/radare2/issues/15545
+	NOTE: https://github.com/radareorg/radare2/commit/07b5e062f2d4a00403ff031302cb18dfa58e3805 (4.1.0)
 CVE-2019-19646 (pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_ ...)
 	- sqlite3 <not-affected> (Generated column support added later)
 	NOTE: https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b383ca766819eaa97b59d9f5ddbf74eb490bb2b...46f8c7f1f27bf031521757237d34d5829e1e4e25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b383ca766819eaa97b59d9f5ddbf74eb490bb2b...46f8c7f1f27bf031521757237d34d5829e1e4e25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191226/383d073e/attachment.html>

More information about the debian-security-tracker-commits mailing list