[Git][security-tracker-team/security-tracker][master] Revert "Investigated CVE-2019-9858 and determined that Debian is vulnerable but"

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
15ad3775 by Salvatore Bonaccorso at 2019-06-10T06:26:13Z
Revert "Investigated CVE-2019-9858 and determined that Debian is vulnerable but"

This reverts commit e49e5e6921de566bd7a295b34e5b9af6d615f0bb.

This issue needs to be properly tracked. From the commit message this
might then be affecting the code but not affecting the binary package
which would mean the entry looks different.

For the time beeing revert to the old values.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7824,10 +7824,8 @@ CVE-2019-9860 (Due to unencrypted signal communication and predictability of rol
 CVE-2019-9859
 	RESERVED
 CVE-2019-9858 (Remote code execution was discovered in Horde Groupware Webmail 5.2.22 ...)
-	- php-horde-form 2.0.8-2
-	NOTE: It is not possible install a backdoor on a Debian installed wordpress since
-	NOTE: the mentioned path do not exist and is not writeable. It is still possible
-	NOTE: to overwrite files, but the severity is much less.
+	- php-horde-form <undetermined>
+	TODO: check
 CVE-2019-9856
 	RESERVED
 CVE-2019-9855



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/15ad377551d2aab762d9e7282d46559f2d39bf40

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/15ad377551d2aab762d9e7282d46559f2d39bf40
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190610/8e956ca6/attachment.html>