[Git][security-tracker-team/security-tracker][master] CVE-2019-7165,CVE-2019-12594,dosbox: Link to fixing commits.
Markus Koschany
apo at debian.org
Sat Jul 6 17:22:07 BST 2019
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
851f04f3 by Markus Koschany at 2019-07-06T16:21:25Z
CVE-2019-7165,CVE-2019-12594,dosbox: Link to fixing commits.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1913,6 +1913,8 @@ CVE-2019-12594 (DOSBox 0.74-2 has Incorrect Access Control. ...)
- dosbox <unfixed> (bug #931222)
NOTE: Fixed in 0.74-3 upstream.
NOTE: https://github.com/Alexandre-Bartel/CVE-2019-12594
+ NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
+ NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/4246/
CVE-2019-12593 (IceWarp Mail Server through 10.4.4 is prone to a local file inclusion ...)
NOT-FOR-US: IceWarp Mail Server
CVE-2019-12592 (A universal Cross-site scripting (UXSS) vulnerability in the Evernote ...)
@@ -16545,6 +16547,8 @@ CVE-2019-7166
CVE-2019-7165 (A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitra ...)
- dosbox <unfixed> (bug #931222)
NOTE: Fixed in 0.74-3 upstream.
+ NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
+ NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/3925/
CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injecti ...)
{DLA-1718-1}
[experimental] - sqlalchemy 1.3.0~b3+ds1-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f04f376302adf93dec320f1091a7f7369b372
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/851f04f376302adf93dec320f1091a7f7369b372
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190706/422593c7/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list