[Git][security-tracker-team/security-tracker][master] mod_openidc fixed

Moritz Muehlenhoff jmm at debian.org
Wed Oct 16 10:04:43 BST 2019



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f69c2ee by Moritz Muehlenhoff at 2019-10-16T09:04:12Z
mod_openidc fixed
mark one poppler issue as ignored

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7700,7 +7700,7 @@ CVE-2019-14858 (A vulnerability was found in Ansible engine 2.x up to 2.8 and An
 	NOTE: https://github.com/ansible/ansible/pull/63405
 CVE-2019-14857
 	RESERVED
-	- libapache2-mod-auth-openidc <unfixed> (bug #942165)
+	- libapache2-mod-auth-openidc 2.4.0.3-1 (bug #942165)
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/ce37080c6aea30aabae8b4a9b4eea7808445cc8e
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/pull/451
@@ -22447,7 +22447,9 @@ CVE-2019-9960 (The downloadZip function in application/controllers/admin/export.
 	- limesurvey <itp> (bug #472802)
 CVE-2019-9959 (The JPXStream::init function in Poppler 0.78.0 and earlier doesn't che ...)
 	[experimental] - poppler 0.81.0-1
-	- poppler <unfixed> (bug #941776)
+	- poppler <unfixed> (low; bug #941776)
+	[buster] - poppler <ignored> (Minor issue)
+	[stretch] - poppler <ignored> (Minor issue)
 	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/805
 	NOTE: Patch: https://gitlab.freedesktop.org/poppler/poppler/commit/68ef84e5968a4249c2162b839ca6d7975048a557 (poppler-0.79.0)
 	NOTE: Reproducer: https://gitlab.freedesktop.org/poppler/poppler/uploads/3f22837ebd503f87e730b51221b89742/raiter_issue5465.pdf



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f69c2ee0ab40c8339a7e53820cec20ad83adfac

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f69c2ee0ab40c8339a7e53820cec20ad83adfac
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/a38b4e37/attachment.html>


More information about the debian-security-tracker-commits mailing list