[Git][security-tracker-team/security-tracker][master] CVE-2019-9942/twig fixed in unstable
David Prévot
taffit at debian.org
Sat Mar 23 20:19:39 GMT 2019
David Prévot pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fe08ae47 by David Prévot at 2019-03-23T20:16:32Z
CVE-2019-9942/twig fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,7 +28,7 @@ CVE-2016-10743 (hostapd before 2.6 does not prevent use of the low-quality PRNG
TODO: check
CVE-2019-9942 (A sandbox information disclosure exists in Twig before 1.38.0 and 2.x ...)
[experimental] - twig 2.7.1-1
- - twig <unfixed>
+ - twig 2.6.2-2
NOTE: https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077
NOTE: https://symfony.com/blog/twig-sandbox-information-disclosure
CVE-2019-9941
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe08ae47ec5935fae3cc65e381d074a4a4056397
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe08ae47ec5935fae3cc65e381d074a4a4056397
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190323/6d56909f/attachment.html>
More information about the debian-security-tracker-commits
mailing list