[Git][security-tracker-team/security-tracker][master] Annotate CVE-2019-18889/symfony as not affecting jessie
Roberto C. Sánchez
roberto at debian.org
Mon Nov 18 02:22:17 GMT 2019
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d989a77d by Roberto C. Sánchez at 2019-11-18T02:21:21Z
Annotate CVE-2019-18889/symfony as not affecting jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -310,6 +310,7 @@ CVE-2019-18890
CVE-2019-18889 [Forbid serializing AbstractAdapter and TagAwareAdapter instances]
RESERVED
- symfony 4.3.8+dfsg-1
+ [jessie] - symfony <not-affected> (Vulnerable code not present)
NOTE: https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
NOTE: https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a
CVE-2019-18888 [Prevent argument injection in a MimeTypeGuesser]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d989a77d1fe360ab0be6183b331fc3384f19db7d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d989a77d1fe360ab0be6183b331fc3384f19db7d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191118/650f0a97/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list