[Git][security-tracker-team/security-tracker][master] new ansible, cargo issues

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbb5d20c by Moritz Muehlenhoff at 2019-10-09T11:47:28Z
new ansible, cargo issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1402,7 +1402,9 @@ CVE-2019-16762
 CVE-2019-16761
 	RESERVED
 CVE-2019-16760 (Cargo prior to Rust 1.26.0 may download the wrong dependency if your p ...)
-	TODO: check
+	- cargo 0.26.0-1
+	[stretch] - cargo <postponed> (Upcoming upgrade of Cargo for ESR68 will fix this)
+	NOTE: https://rustsec.org/advisories/CVE-2019-16760.html
 CVE-2019-16759 (vBulletin 5.x through 5.5.4 allows remote command execution via the wi ...)
 	NOT-FOR-US: vBulletin
 CVE-2019-16758
@@ -6949,7 +6951,8 @@ CVE-2019-14848
 CVE-2019-14847
 	RESERVED
 CVE-2019-14846 (Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to  ...)
-	TODO: check
+	- ansible <unfixed> (low)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1755373
 CVE-2019-14845 (A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. ...)
 	NOT-FOR-US: OpenShift
 CVE-2019-14844 (A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb5d20c77058550064f67d0a6ee3f9be5ca530a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbb5d20c77058550064f67d0a6ee3f9be5ca530a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191009/d48d358a/attachment.html>