[Git][security-tracker-team/security-tracker][master] Add CVE-2019-11768/phpmyadmin
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 5 21:36:40 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92d3cfd4 by Salvatore Bonaccorso at 2019-06-05T20:36:06Z
Add CVE-2019-11768/phpmyadmin
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2199,7 +2199,10 @@ CVE-2019-11770
CVE-2019-11769
RESERVED
CVE-2019-11768 (An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability ...)
- TODO: check
+ - phpmyadmin <unfixed>
+ NOTE: https://www.phpmyadmin.net/security/PMASA-2019-3/
+ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86
+ NOTE: Code in earlier versions in js/pmd/move.js.
CVE-2019-11767 (Server side request forgery (SSRF) in phpBB before 3.2.6 allows checki ...)
- phpbb3 <removed>
[jessie] - phpbb3 <postponed> (Minor issue, solution/workaround is to disable the remote avatar function)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92d3cfd4756e230e99e14d1554e30fb421f38289
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92d3cfd4756e230e99e14d1554e30fb421f38289
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190605/e7d662a7/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list