[Git][security-tracker-team/security-tracker][master] Add CVE-2019-1759{4,5}/ncurses
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 15 12:01:30 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9cf842a4 by Salvatore Bonaccorso at 2019-10-15T11:00:54Z
Add CVE-2019-1759{4,5}/ncurses
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,13 @@
CVE-2019-17596
RESERVED
CVE-2019-17595 (There is a heap-based buffer over-read in the fmt_entry function in ti ...)
- TODO: check
+ - ncurses <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
CVE-2019-17594 (There is a heap-based buffer over-read in the _nc_find_entry function ...)
- TODO: check
+ - ncurses <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
CVE-2019-17593 (JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an adm ...)
TODO: check
CVE-2019-17592 (The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cf842a45fe9876758319748847ae00fb12318cf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cf842a45fe9876758319748847ae00fb12318cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191015/489d7808/attachment.html>
More information about the debian-security-tracker-commits
mailing list