[Git][security-tracker-team/security-tracker][master] new vlc issue fixed already

Moritz Muehlenhoff jmm at debian.org
Wed Jun 19 14:48:11 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
769cefc7 by Moritz Muehlenhoff at 2019-06-19T13:47:31Z
new vlc issue fixed already
mysql 5.7 fixed

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2019-12876
 CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...)
 	TODO: check
 CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...)
-	- vlc <unfixed>
+	- vlc 3.0.7-1
 	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
 	NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
 CVE-2019-12873
@@ -1075,8 +1075,8 @@ CVE-2019-12436 [Samba AD DC LDAP server crash (paged searches)]
 CVE-2019-12435 [Samba AD DC Denial of Service in DNS management server (dnsserver)]
 	RESERVED
 	- samba <unfixed>
-	[stretch] - samba <not-affected> (Only affects Samba codebasis since 4.9 and 4.10)
-	[jessie] - samba <not-affected> (Only affects Samba codebasis since 4.9 and 4.10)
+	[stretch] - samba <not-affected> (Only affects Samba since 4.9)
+	[jessie] - samba <not-affected> (Only affects Samba since 4.9)
 	NOTE: https://www.samba.org/samba/security/CVE-2019-12435.html
 CVE-2019-12434 [Private Project Discovery via Comment Links]
 	RESERVED
@@ -27064,7 +27064,7 @@ CVE-2019-2684 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
 	- openjdk-8 8u212-b03-1
 	- openjdk-11 11.0.3+7-1
 CVE-2019-2683 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2682 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
 	NOT-FOR-US: Oracle
@@ -27172,7 +27172,7 @@ CVE-2019-2634 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
 CVE-2019-2633 (Vulnerability in the Oracle Work in Process component of Oracle E-Busi ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2632 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2631 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
@@ -27182,7 +27182,7 @@ CVE-2019-2629 (Vulnerability in the Oracle Health Sciences Data Management Workb
 	NOT-FOR-US: Oracle
 CVE-2019-2628 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mariadb-10.3 1:10.3.15-1 (bug #928393)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 	NOTE: Fixed in MariaDB: 10.3.15
 CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
@@ -27191,7 +27191,7 @@ CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
 	[stretch] - mariadb-10.1 <no-dsa> (Minor issue)
 	- mariadb-10.0 <removed>
 	[jessie] - mariadb-10.0 <postponed> (Minor issue)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 	NOTE: Fixed in MariaDB: 10.3.15, 10.1.39
 CVE-2019-2626 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
@@ -27224,7 +27224,7 @@ CVE-2019-2614 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
 	[stretch] - mariadb-10.1 <no-dsa> (Minor issue)
 	- mariadb-10.0 <removed>
 	[jessie] - mariadb-10.0 <postponed> (Minor issue)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 	NOTE: Fixed in MariaDB 10.3.15, 10.1.39
 CVE-2019-2613 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
@@ -27273,7 +27273,7 @@ CVE-2019-2594 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools compone
 CVE-2019-2593 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2019-2592 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2591 (Vulnerability in the PeopleSoft Enterprise HRMS component of Oracle Pe ...)
 	NOT-FOR-US: Oracle
@@ -27296,7 +27296,7 @@ CVE-2019-2583 (Vulnerability in the Oracle iSupplier Portal component of Oracle
 CVE-2019-2582 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2581 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2580 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
@@ -27328,7 +27328,7 @@ CVE-2019-2568 (Vulnerability in the Oracle WebLogic Server component of Oracle F
 CVE-2019-2567 (Vulnerability in the Oracle Configurator component of Oracle Supply Ch ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2566 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
-	- mysql-5.7 <unfixed> (bug #927308)
+	- mysql-5.7 5.7.26-1 (bug #927308)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2565 (Vulnerability in the JD Edwards World Technical Foundation component o ...)
 	NOT-FOR-US: Oracle


=====================================
data/DSA/list
=====================================
@@ -23,7 +23,7 @@
 	{CVE-2019-11358 CVE-2019-12466 CVE-2019-12467 CVE-2019-12468 CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 CVE-2019-12474}
 	[stretch] - mediawiki 1:1.27.7-1~deb9u1
 [12 Jun 2019] DSA-4459-1 vlc - security update
-	{CVE-2019-5439}
+	{CVE-2019-5439 CVE-2019-12874}
 	[stretch] - vlc 3.0.7-0+deb9u1
 [08 Jun 2019] DSA-4458-1 cyrus-imapd - security update
 	{CVE-2019-11356}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/769cefc7c93c792c2fe5209c88c369a80186cace

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/769cefc7c93c792c2fe5209c88c369a80186cace
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190619/c22ae4b3/attachment.html>

More information about the debian-security-tracker-commits mailing list