[Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-19882
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 26 22:20:22 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8f8ff2a by Salvatore Bonaccorso at 2019-12-26T22:19:03Z
Add information on CVE-2019-19882
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -532,7 +532,12 @@ CVE-2019-19884
CVE-2019-19883
RESERVED
CVE-2019-19882 (shadow 4.8, in certain circumstances affecting at least Gentoo, Arch L ...)
- TODO: check
+ - shadow <unfixed> (unimportant)
+ NOTE: https://github.com/shadow-maint/shadow/pull/199
+ NOTE: https://bugs.archlinux.org/task/64836
+ NOTE: https://bugs.gentoo.org/702252
+ NOTE: Debian builds are compiled using -with-libpam and explicitly passing
+ NOTE: --disable-account-tools-setuid.
CVE-2019-19881
RESERVED
CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers to tr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8f8ff2ac9560f7eaa62ea17631d7b00cf36aaa4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8f8ff2ac9560f7eaa62ea17631d7b00cf36aaa4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191226/95400fba/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list