[Git][security-tracker-team/security-tracker][master] CVE-2019-19232,CVE-2019-19234,sudo: Mark as no-dsa for Jessie.

Thu Dec 26 17:44:00 GMT 2019


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9fe07501 by Markus Koschany at 2019-12-26T17:42:21Z
CVE-2019-19232,CVE-2019-19234,sudo: Mark as no-dsa for Jessie.

Minor issue because attacker must have access to a Runas ALL account already.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6460,6 +6460,7 @@ CVE-2019-19234 (In Sudo through 1.8.29, the fact that a user has been blocked (e
 	- sudo <unfixed> (bug #947225)
 	[buster] - sudo <no-dsa> (Minor issue)
 	[stretch] - sudo <no-dsa> (Minor issue)
+	[jessie] - sudo <no-dsa> (Minor issue)
 	NOTE: https://www.sudo.ws/devel.html#1.8.30b2
 CVE-2019-19233
 	RESERVED
@@ -6467,6 +6468,7 @@ CVE-2019-19232 (In Sudo through 1.8.29, an attacker with access to a Runas ALL s
 	- sudo <unfixed> (bug #947225)
 	[buster] - sudo <no-dsa> (Minor issue)
 	[stretch] - sudo <no-dsa> (Minor issue)
+	[jessie] - sudo <no-dsa> (Minor issue)
 	NOTE: https://www.sudo.ws/devel.html#1.8.30b2
 CVE-2019-19231 (An insecure file access vulnerability exists in CA Client Automation 1 ...)
 	NOT-FOR-US: CA Client Automation



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fe07501ee08ea88f6cd79b3863b92271656c5f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fe07501ee08ea88f6cd79b3863b92271656c5f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191226/f0c087e0/attachment.html>
