[Git][security-tracker-team/security-tracker][master] Add CVE-2019-12904/libgcrypt
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 20 10:04:37 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4c8bd0ec by Salvatore Bonaccorso at 2019-06-20T09:04:01Z
Add CVE-2019-12904/libgcrypt
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,9 @@
CVE-2019-12904 (In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flu ...)
- TODO: check
+ - libgcrypt20 <unfixed>
+ - libgcrypt11 <removed>
+ NOTE: https://dev.gnupg.org/T4541
+ NOTE: https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
+ NOTE: https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
CVE-2019-12903 (Pydio Cells before 1.5.0, when supplied with a Name field in an unexpe ...)
TODO: check
CVE-2019-12902 (Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c8bd0ec44ad00c18cc413d924e47d47b09b462b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4c8bd0ec44ad00c18cc413d924e47d47b09b462b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190620/15e74547/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list