[Git][security-tracker-team/security-tracker][master] libmatio fixed in experimental
Moritz Muehlenhoff
jmm at debian.org
Fri Jul 19 16:46:34 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef6a5ac0 by Moritz Muehlenhoff at 2019-07-19T15:45:57Z
libmatio fixed in experimental
vlc postponed
proftpd bug
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -750,6 +750,8 @@ CVE-2019-13616 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4538
CVE-2019-13615 (VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in ...)
- vlc <unfixed> (bug #932241)
+ [buster] - vlc <postponed> (Minor issue, wait until next 3.0.x release)
+ [stretch] - vlc <postponed> (Minor issue, wait until next 3.0.x release)
NOTE: https://trac.videolan.org/vlc/ticket/22474
CVE-2019-13614 (CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link ...)
NOT-FOR-US: TP-Link
@@ -1764,6 +1766,8 @@ CVE-2019-13603 (An issue was discovered in the HID Global DigitalPersona (former
NOT-FOR-US: HID Global DigitalPersona U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver
CVE-2019-13602 (An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4. ...)
- vlc 3.0.7.1-2 (bug #932131)
+ [buster] - vlc <postponed> (Minor issue, wait until next 3.0.x release)
+ [stretch] - vlc <postponed> (Minor issue, wait until next 3.0.x release)
NOTE: https://git.videolan.org/?p=vlc.git;a=commit;h=8e8e0d72447f8378244f5b4a3dcde036dbeb1491
NOTE: https://git.videolan.org/?p=vlc.git;a=commit;h=b2b157076d9e94df34502dd8df0787deb940e938
CVE-2019-13601
@@ -2973,6 +2977,7 @@ CVE-2019-13108 (An integer overflow in Exiv2 through 0.27.1 allows an attacker t
NOTE: https://github.com/Exiv2/exiv2/commit/5d1d6981229b5e44401bf5c503100553fc7d877a
NOTE: https://github.com/Exiv2/exiv2/issues/789
CVE-2019-13107 (Multiple integer overflows exist in MATIO before 1.5.16, related to ma ...)
+ [experimental] - libmatio 1.5.16-1
- libmatio <unfixed> (bug #931323)
[buster] - libmatio <no-dsa> (Minor issue)
[stretch] - libmatio <no-dsa> (Minor issue)
@@ -3728,7 +3733,7 @@ CVE-2019-12816 (Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated
NOTE: https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311
CVE-2019-12815 [SITE CPFR/CPTO do not honor <Limit> configurations]
RESERVED
- - proftpd-dfsg <unfixed>
+ - proftpd-dfsg <unfixed> (low; bug #932453)
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4372
NOTE: https://github.com/proftpd/proftpd/pull/816
CVE-2019-12814 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef6a5ac06fa2ac5654bd98ed476fb293279e344c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef6a5ac06fa2ac5654bd98ed476fb293279e344c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190719/8440bd65/attachment.html>
More information about the debian-security-tracker-commits
mailing list