[Git][security-tracker-team/security-tracker][master] gdnsd upstream fixes

Fri Jul 19 19:08:28 BST 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
008bb65c by Moritz Muehlenhoff at 2019-07-19T18:07:26Z
gdnsd upstream fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54,11 +54,13 @@ CVE-2019-13952 (The set_ipv6() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a
 	- gdnsd <unfixed> (unimportant; bug #932407)
 	NOTE: https://github.com/gdnsd/gdnsd/issues/185
 	NOTE: No security impact, data is under administrative control
+	NOTE: Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786
 CVE-2019-13951 (The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a stack ...)
 	- gdnsd <not-affected> (Vulnerable code not present, introduced in 3.x)
 	NOTE: https://github.com/gdnsd/gdnsd/issues/185
 	NOTE: No security impact, data is under administrative control
 	NOTE: Introduced in https://github.com/gdnsd/gdnsd/commit/15715fc30d5e41e53d4a16d2434fc5c3190e129b
+	NOTE: Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786
 CVE-2019-13950 (index.php?c=admin&a=index in SyGuestBook A5 Version 1.2 has stored ...)
 	NOT-FOR-US: SyGuestBook A5
 CVE-2019-13949 (SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demons ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/008bb65cb443e4ca96d0b1b641fbd202bed7be5e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/008bb65cb443e4ca96d0b1b641fbd202bed7be5e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190719/4c739aa8/attachment.html>
