[Git][security-tracker-team/security-tracker][master] fix syntax
Moritz Muehlenhoff
jmm at debian.org
Tue May 28 12:52:14 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1136cf25 by Moritz Muehlenhoff at 2019-05-28T11:51:37Z
fix syntax
new tor browser/firefox issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,12 @@
CVE-2019-12384
RESERVED
CVE-2019-12383 (Tor Browser before 8.0.1 has an information exposure vulnerability. It ...)
- TODO: check
+ - firefox-esr <unfixed> (unimportant)
+ - firefox <unfixed> (unimportant)
+ NOTE: https://gitweb.torproject.org/tor-browser.git/commit/?id=cbb04b72c68272c2de42f157d40cd7d29a6b7b55
+ NOTE: https://hackerone.com/reports/282748
+ NOTE: https://trac.torproject.org/projects/tor/ticket/24056
+ NOTE: This affects Firefox, but it's not a security issue in Firefox by itself
CVE-2019-12382 (An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/d ...)
- linux <unfixed>
CVE-2019-12381 (An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in ...)
@@ -39679,13 +39684,13 @@ CVE-2018-16878 (A flaw was found in pacemaker up to and including version 2.0.1.
NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749 (master)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1750 (1.1)
- https://lists.clusterlabs.org/pipermail/users/2019-May/025822.html
+ NOTE: https://lists.clusterlabs.org/pipermail/users/2019-May/025822.html
CVE-2018-16877 (A flaw was found in the way pacemaker's client-server authentication w ...)
- pacemaker 2.0.1-3 (bug #927714)
NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749 (master)
NOTE: https://github.com/ClusterLabs/pacemaker/pull/1750 (1.1)
- https://lists.clusterlabs.org/pipermail/users/2019-May/025822.html
+ NOTE: https://lists.clusterlabs.org/pipermail/users/2019-May/025822.html
CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ...)
{DSA-4396-1}
- ansible 2.7.6+dfsg-1 (bug #916102)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1136cf25f46b350946eea67a00d447fb8287f8c4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1136cf25f46b350946eea67a00d447fb8287f8c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190528/5e4bce45/attachment.html>
More information about the debian-security-tracker-commits
mailing list