[Git][security-tracker-team/security-tracker][master] Add reference to followup fix for bzip2
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 10 05:20:02 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd9b9a1c by Salvatore Bonaccorso at 2019-07-10T04:18:58Z
Add reference to followup fix for bzip2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1420,6 +1420,7 @@ CVE-2019-12900 (BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out
NOTE: Details on followup: https://sourceware.org/ml/bzip2-devel/2019-q3/msg00007.html
NOTE: explaining as well why, whilst the issue described by CVE-2019-12900 is definitvely
NOTE: an issue, it was not exploitable in the first place.
+ NOTE: Regression fix: https://sourceware.org/git/?p=bzip2.git;a=commit;h=b07b105d1b66e32760095e3602261738443b9e13
CVE-2019-12899 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)
NOT-FOR-US: Delta Electronics DeviceNet Builder
CVE-2019-12898 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd9b9a1c6f8d9c719e78eb1496a5543fce1caffa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd9b9a1c6f8d9c719e78eb1496a5543fce1caffa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190710/9ee1e74e/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list