[Git][security-tracker-team/security-tracker][master] Add CVE-2019-8331/twitter-bootstrap*
Salvatore Bonaccorso
carnil at debian.org
Wed Feb 20 20:29:43 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92993a3d by Salvatore Bonaccorso at 2019-02-20T20:26:29Z
Add CVE-2019-8331/twitter-bootstrap*
the 4.x series is fixed in 4.3.1 upstream, but for the older series no
initial check has been performed. As such add the items for now as
undetermined until properly evaluated.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1291,7 +1291,10 @@ CVE-2019-8333
CVE-2019-8332
RESERVED
CVE-2019-8331 (In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover ...)
- TODO: check
+ - twitter-bootstrap4 <unfixed>
+ - twitter-bootstrap3 <undetermined>
+ - twitter-bootstrap <undetermined>
+ NOTE: https://github.com/twbs/bootstrap/pull/28236
CVE-2019-8330
RESERVED
CVE-2019-8329
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92993a3d305ec0048814ec1d897f6bb1a81dfc4e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92993a3d305ec0048814ec1d897f6bb1a81dfc4e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190220/b6ea6339/attachment.html>
More information about the debian-security-tracker-commits
mailing list