[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11842/matrix-synapse

Salvatore Bonaccorso carnil at debian.org
Thu May 9 19:32:13 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ed5c26e by Salvatore Bonaccorso at 2019-05-09T18:31:02Z
Add CVE-2019-11842/matrix-synapse

- - - - -
f1f92718 by Salvatore Bonaccorso at 2019-05-09T18:31:40Z
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2019-11842 [Use SystemRandom for token generation]
+	- matrix-synapse 0.99.2-5
+	NOTE: https://matrix.org/blog/2019/05/03/security-updates-sydent-1-0-3-synapse-0-99-3-1-and-riot-android-0-9-0-0-8-99-0-8-28-a/
 CVE-2019-11835 (cJSON before 1.7.11 allows out-of-bounds access, related to multiline  ...)
 	- cjson <unfixed> (bug #928726)
 	NOTE: https://github.com/DaveGamble/cJSON/issues/338



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a7f8e4e372c4bcbeef9136d92f52e47618851f48...f1f927188607cc7821805eb37e791627c7977f0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a7f8e4e372c4bcbeef9136d92f52e47618851f48...f1f927188607cc7821805eb37e791627c7977f0d
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190509/3f5df866/attachment.html>


More information about the debian-security-tracker-commits mailing list