[Git][security-tracker-team/security-tracker][master] Sync fixed version for sid for 5 CVEs for linux with kernel-sec status
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 12 08:31:51 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
be82bf82 by Salvatore Bonaccorso at 2019-03-12T08:31:16Z
Sync fixed version for sid for 5 CVEs for linux with kernel-sec status
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1161,7 +1161,7 @@ CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissec
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-08.html
CVE-2019-9213 (In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks ...)
- - linux <unfixed>
+ - linux 4.19.28-1
NOTE: Fixed by: https://git.kernel.org/linus/0a1d52994d440e21def1c2174932410b4f2a98a1 (5.0)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
CVE-2019-9212 (SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary ...)
@@ -1353,7 +1353,7 @@ CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18986
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
CVE-2019-9162 (In the Linux kernel before 4.20.12, ...)
- - linux <unfixed>
+ - linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/c4c07b4d6fa1f11880eab8e076d3d060ef3f55fc
@@ -1886,7 +1886,7 @@ CVE-2018-1002161 [SQL injection in multiple remote calls]
NOTE: https://docs.pagure.org/koji/CVE-2018-1002161/
NOTE: https://pagure.io/koji/issue/1183
CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in the ...)
- - linux <unfixed>
+ - linux 4.19.28-1
NOTE: https://lore.kernel.org/lkml/20190219021038.11340-1-yuehaibing@huawei.com/
NOTE: https://lore.kernel.org/lkml/20190219022512.GW2217@ZenIV.linux.org.uk/
CVE-2019-8979 (Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when ...)
@@ -1940,7 +1940,7 @@ CVE-2019-8957
RESERVED
CVE-2019-8956
RESERVED
- - linux <unfixed>
+ - linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/ba59fb0273076637f0add4311faa990a5eec27c0
@@ -2069,7 +2069,7 @@ CVE-2019-8914
CVE-2019-8913
RESERVED
CVE-2019-8912 (In the Linux kernel through 4.20.11, af_alg_release() in ...)
- - linux <unfixed>
+ - linux 4.19.28-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
CVE-2019-8911 (An issue was discovered in WTCMS 1.0. It has stored XSS via the third ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be82bf823fb92e5d957fe3663b7d89777b4adcf1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be82bf823fb92e5d957fe3663b7d89777b4adcf1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190312/d8837723/attachment.html>
More information about the debian-security-tracker-commits
mailing list