[Git][security-tracker-team/security-tracker][master] CVE-2019-13313/libosinfo: jessie triage
Sylvain Beucler
beuc at debian.org
Sat Jul 6 11:51:34 BST 2019
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
08c69d16 by Sylvain Beucler at 2019-07-06T10:50:09Z
CVE-2019-13313/libosinfo: jessie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,6 +101,7 @@ CVE-2019-13313 (libosinfo 1.5.0 allows local users to discover credentials by li
- libosinfo <unfixed> (bug #931479)
[buster] - libosinfo <no-dsa> (Minor issue)
[stretch] - libosinfo <no-dsa> (Minor issue)
+ [jessie] - libosinfo <postponed> (Minor issue, local transient password leak in `ps`, affected binary not used by other packages)
NOTE: https://www.redhat.com/archives/libosinfo/2019-July/msg00026.html
CVE-2019-13312 (block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based b ...)
- ffmpeg <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08c69d162bebd6cf7421a995b84fba39dc866c3d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08c69d162bebd6cf7421a995b84fba39dc866c3d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190706/d08da1e5/attachment.html>
More information about the debian-security-tracker-commits
mailing list