[Git][security-tracker-team/security-tracker][master] CVE-2019-6245: Reference fix from svn revision 119 for src:agg
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 31 22:18:27 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
63958be7 by Salvatore Bonaccorso at 2019-01-31T22:17:10Z
CVE-2019-6245: Reference fix from svn revision 119 for src:agg
Add note on earlier patch 05_fix_recursion_crash which (should) address
the same issue in another way and included in 2.5+dfsg1-3.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2391,6 +2391,9 @@ CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used
- agg <unfixed> (bug #919322)
- svgpp <unfixed> (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
+ NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
+ NOTE: and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch
+ NOTE: in 2.5+dfsg1-3.
CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...)
NOT-FOR-US: CubeCart
CVE-2018-20702
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63958be7fc0e50dd25e4f7d41ee2380db188d401
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63958be7fc0e50dd25e4f7d41ee2380db188d401
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190131/ff26b513/attachment.html>
More information about the debian-security-tracker-commits
mailing list