[Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2019-10153/fence-agents

Salvatore Bonaccorso carnil at debian.org
Sun Jun 23 20:28:54 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4d58b90 by Salvatore Bonaccorso at 2019-06-23T19:27:13Z
Add fixed version for CVE-2019-10153/fence-agents

- - - - -
68a78cc2 by Salvatore Bonaccorso at 2019-06-23T19:27:41Z
(Temorarily) remove no-dsa item for fence-agents

Maintainer did a almost last-minute upload to fix CVE-2019-10153 in time
for buster, as such possible that package will be unblocked in time.

If that does not happen we can safely re-add the no-dsa tagged entry.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6949,8 +6949,7 @@ CVE-2019-10154
 	- moodle <removed>
 CVE-2019-10153 [mis-handling of non-ASCII characters in guest comment fields]
 	RESERVED
-	- fence-agents <unfixed> (low; bug #930887)
-	[buster] - fence-agents <no-dsa> (Minor issue)
+	- fence-agents 4.3.3-2 (low; bug #930887)
 	[stretch] - fence-agents <not-affected> (Vulnerable code not present)
 	[jessie] - fence-agents <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1670460



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/be18f58c715c83169bc89817c986cd12f9ff5b36...68a78cc2c74d3177ae5fc7fed4b8eca1a5b1ec74

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/be18f58c715c83169bc89817c986cd12f9ff5b36...68a78cc2c74d3177ae5fc7fed4b8eca1a5b1ec74
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190623/832e2686/attachment.html>


More information about the debian-security-tracker-commits mailing list