[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3885 as not-affected for stretch
Salvatore Bonaccorso
carnil at debian.org
Sun Jun 2 15:18:20 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ae6e69b8 by Salvatore Bonaccorso at 2019-06-02T14:17:18Z
Mark CVE-2019-3885 as not-affected for stretch
Issue introduced in 1.1.18 upstream unless respective patches
backported, which is not the case for Debian stretch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21578,6 +21578,7 @@ CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 an
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=ae076bb40e0e150aef41361b64001138d04d6c60
CVE-2019-3885 (A use-after-free flaw was found in pacemaker up to and including versi ...)
- pacemaker 2.0.1-3 (bug #927714)
+ [stretch] - pacemaker <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749 (master)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1750 (1.1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae6e69b8ebc1f90c2c1d1a0e494d361b153623db
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae6e69b8ebc1f90c2c1d1a0e494d361b153623db
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190602/a332cf17/attachment.html>
More information about the debian-security-tracker-commits
mailing list