[Git][security-tracker-team/security-tracker][master] Update CVE-2019-5747/busybox information
Salvatore Bonaccorso
carnil at debian.org
Fri Mar 1 21:38:14 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abcd6513 by Salvatore Bonaccorso at 2019-03-01T21:36:38Z
Update CVE-2019-5747/busybox information
The upload of busybox/1:1.30.1-1 did contain the first commit for
CVE-2018-20679, which was incomplete, but did not apply the second
required commit, opening thus CVE-2019-5747 for busybox in unstable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8969,7 +8969,9 @@ CVE-2019-5749
CVE-2019-5748 (In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might ...)
NOT-FOR-US: Traccar Server
CVE-2019-5747 (An issue was discovered in BusyBox through 1.30.0. An out of bounds ...)
- - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
+ - busybox <unfixed>
+ [stretch] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
+ [jessie] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
NOTE: https://bugs.busybox.net/show_bug.cgi?id=11506
NOTE: https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06
CVE-2019-5746
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abcd6513b8b7a0c597b0240b9be644db975c71b6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abcd6513b8b7a0c597b0240b9be644db975c71b6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190301/85d7c716/attachment.html>
More information about the debian-security-tracker-commits
mailing list