[Git][security-tracker-team/security-tracker][master] 2 commits: Ignoring CVE-2019-6470 following decision for stretch.
Ola Lundqvist
opal at debian.org
Sat May 11 22:17:54 BST 2019
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a97a36f8 by Ola Lundqvist at 2019-05-11T21:12:34Z
Ignoring CVE-2019-6470 following decision for stretch.
- - - - -
0185a0b3 by Ola Lundqvist at 2019-05-11T21:17:32Z
Ignoring CVE-2017-12839 and CVE-2019-11059 following decision for stretch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1954,6 +1954,7 @@ CVE-2019-11060
CVE-2019-11059 (Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit exte ...)
- u-boot <unfixed> (bug #928800)
[stretch] - u-boot <no-dsa> (Minor issue)
+ [jessie] - u-boot <ignored> (Minor issue)
NOTE: https://git.denx.de/?p=u-boot.git;a=commit;h=febbc583319b567fe3d83e521cc2ace9be8d1501
CVE-2019-11058
RESERVED
@@ -13961,6 +13962,7 @@ CVE-2019-6470 [DHCPv6 server crashes regularly]
RESERVED
- isc-dhcp 4.4.1-2 (bug #896122)
[stretch] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
+ [jessie] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
NOTE: https://bugs.isc.org/Public/Ticket/Display.html?id=48804
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1641246
NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/isc-dhcp/%2Bbug/1781699
@@ -98975,6 +98977,7 @@ CVE-2017-12840 (A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ c
CVE-2017-12839 (A heap-based buffer over-read in the getbits function in src/libmpg123 ...)
- mpg123 1.25.6-1
[stretch] - mpg123 <no-dsa> (Minor issue)
+ [jessie] - mpg123 <ignored> (Minor issue)
NOTE: https://sourceforge.net/p/mpg123/bugs/255/
NOTE: https://www.mpg123.de/cgi-bin/scm/mpg123/trunk/src/libmpg123/getbits.h?r1=2024&r2=4323&sortby=date
CVE-2017-12838 (Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/8fe69ead64e09d535c4c2794cda9b2074d1dc675...0185a0b38c4126a34eb33cde1da139e8bbcf58e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/8fe69ead64e09d535c4c2794cda9b2074d1dc675...0185a0b38c4126a34eb33cde1da139e8bbcf58e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190511/2fcca020/attachment.html>
More information about the debian-security-tracker-commits
mailing list