[Git][security-tracker-team/security-tracker][master] 2 commits: Upstream issue for CVE-2019-17266 was later on made private

Wed Oct 9 19:45:40 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7552b2b by Salvatore Bonaccorso at 2019-10-09T18:43:28Z
Upstream issue for CVE-2019-17266 was later on made private

- - - - -
3c208109 by Salvatore Bonaccorso at 2019-10-09T18:45:00Z
Add fixed version for CVE-2019-17266/libsoup2.4 in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -185,8 +185,8 @@ CVE-2019-17267 (A Polymorphic Typing issue was discovered in FasterXML jackson-d
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2460
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb
 CVE-2019-17266 (libsoup through 2.68.1 has a heap-based buffer over-read because soup_ ...)
-	- libsoup2.4 <unfixed> (bug #941912)
-	NOTE: https://gitlab.gnome.org/GNOME/libsoup/issues/173 (embargoed?)
+	- libsoup2.4 2.68.2-1 (bug #941912)
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/issues/173 (private)
 CVE-2019-17265
 	RESERVED
 CVE-2019-17264 (In libyal liblnk before 20191006, liblnk_location_information_read_dat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5781ea472d3aba020168aea2521679fe4767b8c9...3c208109514d22358725d8f7518431e5ceb456da

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5781ea472d3aba020168aea2521679fe4767b8c9...3c208109514d22358725d8f7518431e5ceb456da
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191009/b885dece/attachment.html>
