[Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-5435/curl
Salvatore Bonaccorso
carnil at debian.org
Wed May 22 14:10:24 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6105ffff by Salvatore Bonaccorso at 2019-05-22T13:09:49Z
Update information for CVE-2019-5435/curl
curl_url_set function introduced in later versions, in 7.62.0 only.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17698,6 +17698,8 @@ CVE-2019-5436 [TFTP receive buffer overflow]
CVE-2019-5435 [Integer overflows in curl_url_set]
RESERVED
- curl <unfixed> (bug #929352)
+ [stretch] - curl <not-affected> (Vulnerable code introduced later)
+ [jessie] - curl <not-affected> (Vulnerable code introduced later)
NOTE: https://curl.haxx.se/docs/CVE-2019-5435.html
NOTE: Introduced by: https://github.com/curl/curl/commit/fb30ac5a2d63773c52
NOTE: Fixed by: https://github.com/curl/curl/commit/5fc28510a4664f4
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6105fffff423ace84ac9ad9e220db875a1ba0d24
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6105fffff423ace84ac9ad9e220db875a1ba0d24
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190522/81f6dab5/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list