[Git][security-tracker-team/security-tracker][master] mod auth mellon jessie no dsa
Thijs Kinkhorst
thijs at debian.org
Sat Mar 23 13:52:02 GMT 2019
Thijs Kinkhorst pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52f3f516 by Thijs Kinkhorst at 2019-03-23T13:50:29Z
mod auth mellon jessie no dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14796,6 +14796,7 @@ CVE-2019-3879
CVE-2019-3878 [authentication bypass in ECP flow]
RESERVED
- libapache2-mod-auth-mellon 0.14.2-1 (bug #925197)
+ [jessie] - libapache2-mod-auth-mellon <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1576719
NOTE: https://github.com/Uninett/mod_auth_mellon/pull/196
NOTE: https://github.com/Uninett/mod_auth_mellon/commit/e09a28a30e13e5c22b481010f26b4a7743a09280
@@ -14803,6 +14804,7 @@ CVE-2019-3877 [Open redirect vulnerability in logout]
RESERVED
- libapache2-mod-auth-mellon 0.14.2-1
NOTE: https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
+ [jessie] - libapache2-mod-auth-mellon <no-dsa> (Open redirect protection not present in the first place)
CVE-2019-3876
RESERVED
CVE-2019-3875
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/52f3f5167689934e2826bb98e50d3393e40749c9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/52f3f5167689934e2826bb98e50d3393e40749c9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190323/46f64b58/attachment.html>
More information about the debian-security-tracker-commits
mailing list