[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11842/matrix-synapse
Salvatore Bonaccorso
carnil at debian.org
Thu May 9 19:32:13 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8ed5c26e by Salvatore Bonaccorso at 2019-05-09T18:31:02Z
Add CVE-2019-11842/matrix-synapse
- - - - -
f1f92718 by Salvatore Bonaccorso at 2019-05-09T18:31:40Z
Merge remote-tracking branch 'origin/master'
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2019-11842 [Use SystemRandom for token generation]
+ - matrix-synapse 0.99.2-5
+ NOTE: https://matrix.org/blog/2019/05/03/security-updates-sydent-1-0-3-synapse-0-99-3-1-and-riot-android-0-9-0-0-8-99-0-8-28-a/
CVE-2019-11835 (cJSON before 1.7.11 allows out-of-bounds access, related to multiline ...)
- cjson <unfixed> (bug #928726)
NOTE: https://github.com/DaveGamble/cJSON/issues/338
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a7f8e4e372c4bcbeef9136d92f52e47618851f48...f1f927188607cc7821805eb37e791627c7977f0d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a7f8e4e372c4bcbeef9136d92f52e47618851f48...f1f927188607cc7821805eb37e791627c7977f0d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190509/3f5df866/attachment.html>
More information about the debian-security-tracker-commits
mailing list