[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-13465/ros-ros-comm

Mon Dec 30 20:46:13 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ccef3131 by Salvatore Bonaccorso at 2019-12-30T20:45:17Z
Add CVE-2019-13465/ros-ros-comm

- - - - -
b52bdf17 by Salvatore Bonaccorso at 2019-12-30T20:45:43Z
Add CVE-2019-13445/ros-ros-comm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29774,7 +29774,11 @@ CVE-2019-13467 (Description: Western Digital SSD Dashboard before 2.5.1.0 and Sa
 CVE-2019-13466 (Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard ...)
 	NOT-FOR-US: Western Digital SSD Dashboard and SanDisk SSD Dashboard
 CVE-2019-13465 (An issue was discovered in the ROS communications-related packages (ak ...)
-	TODO: check
+	- ros-ros-comm <unfixed>
+	[buster] - ros-ros-comm <no-dsa> (Minor issue)
+	[stretch] - ros-ros-comm <no-dsa> (Minor issue)
+	NOTE: https://github.com/ros/ros_comm/issues/1752
+	NOTE: https://github.com/ros/ros_comm/pull/1763
 CVE-2019-13464 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...)
 	- modsecurity-crs 3.2.0-1 (low; bug #943773)
 	[buster] - modsecurity-crs 3.1.0-1+deb10u1
@@ -29857,7 +29861,11 @@ CVE-2019-13447 (An issue was discovered in Sertek Xpare 3.67. The login form doe
 CVE-2019-13446
 	REJECTED
 CVE-2019-13445 (An issue was discovered in the ROS communications-related packages (ak ...)
-	TODO: check
+	- ros-ros-comm <unfixed>
+	[buster] - ros-ros-comm <no-dsa> (Minor issue)
+	[stretch] - ros-ros-comm <no-dsa> (Minor issue)
+	NOTE: https://github.com/ros/ros_comm/issues/1738
+	NOTE: https://github.com/ros/ros_comm/pull/1741
 CVE-2019-13444
 	RESERVED
 CVE-2019-13443



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/30ca9d392c53bf670f5cb7f3585c2fa6ccd4edb8...b52bdf17c8347f92e3b7ad2b0538d96026ec2100

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/30ca9d392c53bf670f5cb7f3585c2fa6ccd4edb8...b52bdf17c8347f92e3b7ad2b0538d96026ec2100
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191230/884a2969/attachment.html>
