[Git][security-tracker-team/security-tracker][master] Add CVE-2019-1010247/libapache2-mod-auth-openidc

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b702c69b by Salvatore Bonaccorso at 2019-07-21T12:51:34Z
Add CVE-2019-1010247/libapache2-mod-auth-openidc

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12007,7 +12007,9 @@ CVE-2019-1010249 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: In
 CVE-2019-1010248 (Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. T ...)
 	NOT-FOR-US: ONOS
 CVE-2019-1010247 (ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cr ...)
-	TODO: check
+	- libapache2-mod-auth-openidc 2.3.10.2-1
+	NOTE: Fixed by: https://github.com/zmartzone/mod_auth_openidc/commit/132a4111bf3791e76437619a66336dce2ce4c79b (v2.3.10.2)
+	NOTE: https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2019-001_mod_auth_openidc_reflected_xss.txt
 CVE-2019-1010246 (MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affecte ...)
 	NOT-FOR-US: MailCleaner
 CVE-2019-1010245 (The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b702c69b5e10b703bf1ba646abc87357298417a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b702c69b5e10b703bf1ba646abc87357298417a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190721/9411de55/attachment.html>