[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-12111/miniupnpd as not-affected
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 11 14:29:16 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8888a5e5 by Salvatore Bonaccorso at 2019-06-11T13:27:11Z
Mark CVE-2019-12111/miniupnpd as not-affected
- - - - -
5a10742c by Salvatore Bonaccorso at 2019-06-11T13:27:11Z
Track proposed fixes for miniupnpd via stretch-pu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1644,7 +1644,7 @@ CVE-2019-12112
CVE-2019-12111 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
{DLA-1811-1}
- miniupnpd 2.1-6 (bug #930050)
- [stretch] - miniupnpd <no-dsa> (Minor issue)
+ [stretch] - miniupnpd <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f
CVE-2019-12110 (An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnP ...)
{DLA-1811-1}
=====================================
data/next-point-update.txt
=====================================
@@ -63,3 +63,11 @@ CVE-2019-12106
[stretch] - minissdpd 1.2.20130907-4.1+deb9u1
CVE-2017-16042
[stretch] - node-growl 1.7.0-1+deb9u1
+CVE-2019-12107
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
+CVE-2019-12108
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
+CVE-2019-12109
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
+CVE-2019-12110
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5f2f7267f23336af9a99f5cadc8a3c415730d5c5...5a10742c88d3c263b029a58ff13aacc80a6a3690
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5f2f7267f23336af9a99f5cadc8a3c415730d5c5...5a10742c88d3c263b029a58ff13aacc80a6a3690
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190611/f21bae17/attachment.html>
More information about the debian-security-tracker-commits
mailing list