[Git][security-tracker-team/security-tracker][master] Correct association of morgan node module issue

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8122eafd by Salvatore Bonaccorso at 2019-03-22T07:54:41Z
Correct association of morgan node module issue

I swapped wrongly the CVE identifier for the morgan node.js module which
is CVE-2019-5413 actually and CVE-2019-3830 is for ceilometer.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11595,7 +11595,7 @@ CVE-2019-5415 (A bug in handling the ignore files and directories feature in ser
 CVE-2019-5414 (If an attacker can control the port, which in itself is a very sensiti ...)
 	TODO: check
 CVE-2019-5413 (An attacker can use the format parameter to inject arbitrary commands  ...)
-	TODO: check
+	NOT-FOR-US: morgan node module
 CVE-2019-5412
 	RESERVED
 CVE-2019-5411
@@ -14869,7 +14869,6 @@ CVE-2019-3831
 	- vdsm <itp> (bug #668538)
 CVE-2019-3830
 	RESERVED
-	NOT-FOR-US: morgan node module
 CVE-2019-3829
 	RESERVED
 CVE-2019-3828 [path traversal in the fetch module]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8122eafda7c22e324ed07af55d2dd552df32792a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8122eafda7c22e324ed07af55d2dd552df32792a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190322/8fccddaf/attachment.html>