[Git][security-tracker-team/security-tracker][master] Add CVE-2019-12900/bzip2

Thu Jun 20 10:18:06 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d0576ff6 by Salvatore Bonaccorso at 2019-06-20T09:17:48Z
Add CVE-2019-12900/bzip2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,9 @@ CVE-2019-12902 (Pydio Cells before 1.5.0 does incomplete cleanup of a user's dat
 CVE-2019-12901 (Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing  ...)
 	TODO: check
 CVE-2019-12900 (BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ...)
-	TODO: check
+	- bzip2 <unfixed>
+	NOTE: https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
+	TODO: check details
 CVE-2019-12899 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)
 	TODO: check
 CVE-2019-12898 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0576ff6b4202ea5dda0b40c362ded2d5ca2b588

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0576ff6b4202ea5dda0b40c362ded2d5ca2b588
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190620/3ddb2d28/attachment.html>
