[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11360 as unimportant
Salvatore Bonaccorso
carnil at debian.org
Fri Jul 12 21:32:30 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ee7ca6b by Salvatore Bonaccorso at 2019-07-12T20:29:40Z
Mark CVE-2019-11360 as unimportant
The severity of the issue can be considered negligible, as an
administrator which unverified applies unknown and unverified iptables
rules has likely already a compromised system.
The impact is very negligible in the case of the CVE-2019-11360 issue.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5669,9 +5669,10 @@ CVE-2019-11365 (An issue was discovered in atftpd in atftp 0.7.1. A remote attac
NOTE: https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities
NOTE: https://sourceforge.net/p/atftp/code/ci/abed7d245d8e8bdfeab24f9f7f55a52c3140f96b/
CVE-2019-11360 (A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allo ...)
- - iptables 1.8.3-2
+ - iptables 1.8.3-2 (unimportant)
NOTE: https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e (1.8.3)
NOTE: https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/
+ NOTE: Negligible security impact
CVE-2019-11359 (Cross-site scripting (XSS) vulnerability in display.php in I, Libraria ...)
- i-librarian <itp> (bug #649291)
CVE-2019-11357
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ee7ca6bb87a2610503ef18a144fa6da21b4619b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ee7ca6bb87a2610503ef18a144fa6da21b4619b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190712/1ca7d3be/attachment.html>
More information about the debian-security-tracker-commits
mailing list