[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1322{4,5}/libonig

Thu Jul 11 20:41:04 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ddddfcfd by Salvatore Bonaccorso at 2019-07-11T19:40:25Z
Add Debian bug reference for CVE-2019-1322{4,5}/libonig

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -642,12 +642,12 @@ CVE-2019-13233 (In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, th
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
 	NOTE: Fixed by: https://git.kernel.org/linus/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
 CVE-2019-13225 (A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9 ...)
-	- libonig <unfixed> (low)
+	- libonig <unfixed> (low; bug #931878)
 	[buster] - libonig <no-dsa> (Minor issue)
 	[stretch] - libonig <no-dsa> (Minor issue)
 	NOTE: https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c	
 CVE-2019-13224 (A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ...)
-	- libonig <unfixed> (low)
+	- libonig <unfixed> (low; bug #931878)
 	[buster] - libonig <no-dsa> (Minor issue)
 	[stretch] - libonig <no-dsa> (Minor issue)
 	NOTE: https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ddddfcfdff94c717a27633f52ce59cd3cc6c0308

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ddddfcfdff94c717a27633f52ce59cd3cc6c0308
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190711/a0b07945/attachment.html>
