[Git][security-tracker-team/security-tracker][master] epiphany unimportant

Moritz Muehlenhoff jmm at debian.org
Mon Jan 14 22:28:26 GMT 2019 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fe7ed7ac by Moritz Muehlenhoff at 2019-01-14T22:27:59Z
epiphany unimportant
new agg/svgpp issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,8 +61,9 @@ CVE-2019-6253
 CVE-2019-6252
 	RESERVED
 CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows ...)
-	- epiphany-browser <unfixed>
+	- epiphany-browser <unfixed> (unimportant)
 	NOTE: https://gitlab.gnome.org/GNOME/epiphany/issues/532
+	NOTE: Webkit not covered by security support
 CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability ...)
 	NOT-FOR-US: HuCart
 CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ ...)
@@ -72,11 +73,13 @@ CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ
 CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...)
 	NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script
 CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
-	TODO: check
+	- agg <unfixed>
+	- svgpp <unfixed>
 CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the ...)
-	TODO: check
+	- svgpp <unfixed>
 CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
-	TODO: check
+	- agg <unfixed>
+	- svgpp <unfixed>
 CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...)
 	NOT-FOR-US: CubeCart
 CVE-2018-20702



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe7ed7ac1083c02d0ae4ce18906b2cfc415cc804

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe7ed7ac1083c02d0ae4ce18906b2cfc415cc804
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190114/f9d0db20/attachment.html>

More information about the debian-security-tracker-commits mailing list