[Git][security-tracker-team/security-tracker][master] CVE-2019-1322{4,5}/libonig fixed in unstable

Sat Jul 13 13:53:54 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d41149a by Salvatore Bonaccorso at 2019-07-13T12:52:30Z
CVE-2019-1322{4,5}/libonig fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -794,12 +794,12 @@ CVE-2019-13233 (In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, th
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
 	NOTE: Fixed by: https://git.kernel.org/linus/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
 CVE-2019-13225 (A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9 ...)
-	- libonig <unfixed> (low; bug #931878)
+	- libonig 6.9.2-1 (low; bug #931878)
 	[buster] - libonig <no-dsa> (Minor issue)
 	[stretch] - libonig <no-dsa> (Minor issue)
 	NOTE: https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c	
 CVE-2019-13224 (A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ...)
-	- libonig <unfixed> (low; bug #931878)
+	- libonig 6.9.2-1 (low; bug #931878)
 	[buster] - libonig <no-dsa> (Minor issue)
 	[stretch] - libonig <no-dsa> (Minor issue)
 	NOTE: https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d41149ae34abaec0f9a582d47710da823d90d20

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2d41149ae34abaec0f9a582d47710da823d90d20
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190713/50d53c4b/attachment-0001.html>
