[Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
jmm at debian.org
Tue Jul 16 21:59:58 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
faab6467 by Moritz Muehlenhoff at 2019-07-16T20:59:25Z
new chromium issues
one sox issue ignored
fix patch reference for one sox issue
take sox
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1047,7 +1047,9 @@ CVE-2019-13592
CVE-2019-13591
RESERVED
CVE-2019-13590 (An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (start ...)
- - sox <unfixed> (bug #932082)
+ - sox <unfixed> (low; bug #932082)
+ [buster] - sox <ignored> (Minor issue)
+ [stretch] - sox <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/sox/bugs/325/
CVE-2019-13589 (The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, incl ...)
NOT-FOR-US: backdoor in paranoid_2 gem, different from src:ruby-paranoia
@@ -15399,7 +15401,7 @@ CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_d
{DLA-1808-1}
- sox 14.4.2+git20190427-1 (bug #927906)
NOTE: https://sourceforge.net/p/sox/bugs/319
- NOTE: https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/
+ NOTE: https://sourceforge.net/p/sox/code/ci/f70911261a84333b077c29908e1242f69d7439eb
CVE-2019-8353
RESERVED
CVE-2019-8352 (By default, BMC PATROL Agent through 11.3.01 uses a static encryption ...)
@@ -21572,8 +21574,10 @@ CVE-2019-5849
RESERVED
CVE-2019-5848
RESERVED
+ - chromium <unfixed>
CVE-2019-5847
RESERVED
+ - chromium <unfixed>
CVE-2019-5846
RESERVED
CVE-2019-5845
=====================================
data/dsa-needed.txt
=====================================
@@ -54,7 +54,7 @@ simplesamlphp/oldstable
--
smarty3/oldstable
--
-sox/oldstable
+sox/oldstable (jmm)
--
sssd
Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/faab6467f126f1e45e381a544dff8fd231eaac45
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/faab6467f126f1e45e381a544dff8fd231eaac45
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190716/d050613c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list