[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1320/libthrift-java
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 8 20:26:58 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a079295f by Salvatore Bonaccorso at 2019-01-08T20:26:32Z
Add CVE-2018-1320/libthrift-java
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64364,7 +64364,9 @@ CVE-2018-1322 (An administrator with user search entitlements in Apache Syncope
CVE-2018-1321 (An administrator with report and template entitlements in Apache ...)
NOT-FOR-US: Apache Syncope
CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0 can ...)
- TODO: check
+ - libthrift-java <unfixed>
+ NOTE: https://issues.apache.org/jira/browse/THRIFT-4506
+ NOTE: https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that cause ...)
NOT-FOR-US: Apache Allura
CVE-2018-1318 (Adding method ACLs in remap.config can cause a segfault when the user ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a079295fa7bed9125d6c58a5d51042bf233916cf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a079295fa7bed9125d6c58a5d51042bf233916cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190108/de022807/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list