[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: phpmyadmin precisions
Sylvain Beucler
beuc at debian.org
Sun Feb 24 01:05:52 GMT 2019
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ce8f9ae by Sylvain Beucler at 2019-02-24T01:05:08Z
data/dla-needed.txt: phpmyadmin precisions
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -99,9 +99,8 @@ openjdk-7 (Emilio)
openssh (Mike Gabriel)
--
phpmyadmin (Sylvain Beucler)
- NOTE: CVE-2019-6798: SQL injection is serious but if you have been able to login as a crafted user
- NOTE: CVE-2019-6798: that is a more serious problem. The fix is simple so it can still be worth fixing
- NOTE: CVE-2019-6798: but it is not urgent. Do it together with CVE-2019-6799.
+ NOTE: CVE-2019-679_9_: package available for review https://www.beuc.net/tmp/debian-lts/
+ NOTE: CVE-2019-679_8_: <not-affected> (code was refactored twice since jessie)
--
polarssl
NOTE: 20121207: Not 100% sure if vulnerable. Upstream would prefer us to move to latest version, etc. (!). (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ce8f9ae0ddb78effce0c5712abb4ddffe212f30
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ce8f9ae0ddb78effce0c5712abb4ddffe212f30
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190224/ef4dc70d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list