[Git][security-tracker-team/security-tracker][master] buster triage

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2344f3af by Moritz Muehlenhoff at 2019-06-15T21:01:36Z
buster triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -71,6 +71,8 @@ CVE-2019-12803
 	RESERVED
 CVE-2019-12802 (In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lan ...)
 	- radare2 <unfixed> (bug #930510)
+	[buster] - radare2 <no-dsa> (Minor issue)
+	[stretch] - radare2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/radare/radare2/issues/14296
 CVE-2019-12801
 	RESERVED
@@ -6591,10 +6593,12 @@ CVE-2019-10161
 	RESERVED
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 <unfixed>
+	[buster] - python3.7 <no-dsa> (Minor issue)
 	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
 	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
 	- python3.4 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
 	- python2.7 <unfixed>
+	[buster] - python2.7 <no-dsa> (Minor issue)
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
 	NOTE: Introduced by: https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3 (v3.8.0a4)
 	NOTE: Fixed by: https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e (v3.8.0b1)
@@ -6952,6 +6956,7 @@ CVE-2019-10045 (The "action" get_sess_id in the web application of Pydio through
 	- ajaxplorer <itp> (bug #668381)
 CVE-2019-10044 (Telegram Desktop before 1.5.12 on Windows, and the Telegram applicatio ...)
 	- telegram-desktop <unfixed> (bug #927711)
+	[buster] - telegram-desktop <no-dsa> (Minor issue)
 	NOTE: https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt
 CVE-2019-10043
 	RESERVED
@@ -7157,10 +7162,12 @@ CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: sche
 	NOTE: https://github.com/python/cpython/pull/11842
 CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
 	- python3.7 <unfixed>
+	[buster] - python3.7 <no-dsa> (Minor issue)
 	- python3.6 <removed>
 	- python3.5 <removed>
 	- python3.4 <removed>
 	- python2.7 <unfixed>
+	[buster] - python2.7 <no-dsa> (Minor issue)
 	NOTE: https://bugs.python.org/issue35906
 	NOTE: Introduced by: https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262
 CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...)
@@ -8519,10 +8526,12 @@ CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection
 	NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
 CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
 	- python3.7 <unfixed>
+	[buster] - python3.7 <no-dsa> (Minor issue)
 	- python3.6 <removed>
 	- python3.5 <removed>
 	- python3.4 <removed>
 	- python2.7 <unfixed>
+	[buster] - python2.7 <no-dsa> (Minor issue)
 	NOTE: https://bugs.python.org/issue36276
 	NOTE: https://bugs.python.org/issue30458
 CVE-2019-9739



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190615/4e106a1b/attachment-0001.html>