[Git][security-tracker-team/security-tracker][master] Add CVE-2019-3888/undertow

Salvatore Bonaccorso carnil at debian.org
Tue Jun 11 07:15:08 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
179dcc6b by Salvatore Bonaccorso at 2019-06-11T06:14:40Z
Add CVE-2019-3888/undertow

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22306,8 +22306,10 @@ CVE-2019-3890
 	NOTE: Depends on evolution-data-server patch: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/6672b8236139bd6ef41ecb915f4c72e2a052dba5
 CVE-2019-3889
 	RESERVED
-CVE-2019-3888
+CVE-2019-3888 [leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed]
 	RESERVED
+	- undertow <unfixed>
+	NOTE: https://github.com/undertow-io/undertow/pull/736
 CVE-2019-3887 (A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...)
 	- linux 4.19.37-1
 	[stretch] - linux <not-affected> (Vulnerability introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/179dcc6b4a67644a6653447c84fee1a96da562c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/179dcc6b4a67644a6653447c84fee1a96da562c5
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190611/fa22cead/attachment.html>


More information about the debian-security-tracker-commits mailing list