[Git][security-tracker-team/security-tracker][master] Add CVE-2019-14824/389-ds-base
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 5 06:19:47 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
91c49f8c by Salvatore Bonaccorso at 2019-11-05T06:19:12Z
Add CVE-2019-14824/389-ds-base
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11451,8 +11451,11 @@ CVE-2019-14826 (A flaw was found in FreeIPA versions 4.5.0 and later. Session co
CVE-2019-14825
RESERVED
NOT-FOR-US: Katello
-CVE-2019-14824
+CVE-2019-14824 [Read permission check bypass via the deref plugin]
RESERVED
+ - 389-ds-base <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1747448
+ NOTE: https://pagure.io/freeipa/issue/8050
CVE-2019-14823 (A flaw was found in the "Leaf and Chain" OCSP policy implementation in ...)
- jss 4.6.2-1 (bug #942463)
[buster] - jss <not-affected> (Vulnerable code backported only in 4.5.3 onwards)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/91c49f8c0a2dc544097bcecf9bcaa35a7e784bac
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/91c49f8c0a2dc544097bcecf9bcaa35a7e784bac
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191105/81c4e2f1/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list