[Git][security-tracker-team/security-tracker][master] record upstream fix for mesa

Moritz Muehlenhoff jmm at debian.org
Tue Nov 19 08:45:24 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7f37c9ff by Moritz Muehlenhoff at 2019-11-19T08:44:45Z
record upstream fix for mesa
python-psutil no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -553,7 +553,9 @@ CVE-2019-18875
 	RESERVED
 CVE-2019-18874 (psutil (aka python-psutil) through 5.6.5 can have a double free. This  ...)
 	{DLA-1998-1}
-	- python-psutil <unfixed> (bug #944605)
+	- python-psutil <unfixed> (low; bug #944605)
+	[buster] - python-psutil <no-dsa> (Minor issue)
+	[stretch] - python-psutil <no-dsa> (Minor issue)
 	NOTE: https://github.com/giampaolo/psutil/pull/1616
 CVE-2019-18873 (FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP hea ...)
 	NOT-FOR-US: FUDForum
@@ -43402,6 +43404,7 @@ CVE-2019-5068 (An exploitable shared memory permissions vulnerability exists in
 	- mesa <unfixed> (bug #944298)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
 	NOTE: https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
+	NOTE: https://cgit.freedesktop.org/mesa/mesa/commit/?id=02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
 CVE-2019-5067 (An uninitialized memory access vulnerability exists in the way Aspose. ...)
 	NOT-FOR-US: Aspose
 CVE-2019-5066 (An exploitable use-after-free vulnerability exists in the way LZW-comp ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f37c9ffda3c6d5432f026b92965efb1a754a8f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f37c9ffda3c6d5432f026b92965efb1a754a8f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191119/550a7360/attachment.html>

More information about the debian-security-tracker-commits mailing list