[Git][security-tracker-team/security-tracker][master] mod_openidc fixed
Moritz Muehlenhoff
jmm at debian.org
Wed Oct 16 10:04:43 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5f69c2ee by Moritz Muehlenhoff at 2019-10-16T09:04:12Z
mod_openidc fixed
mark one poppler issue as ignored
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7700,7 +7700,7 @@ CVE-2019-14858 (A vulnerability was found in Ansible engine 2.x up to 2.8 and An
NOTE: https://github.com/ansible/ansible/pull/63405
CVE-2019-14857
RESERVED
- - libapache2-mod-auth-openidc <unfixed> (bug #942165)
+ - libapache2-mod-auth-openidc 2.4.0.3-1 (bug #942165)
NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/ce37080c6aea30aabae8b4a9b4eea7808445cc8e
NOTE: https://github.com/zmartzone/mod_auth_openidc/pull/451
@@ -22447,7 +22447,9 @@ CVE-2019-9960 (The downloadZip function in application/controllers/admin/export.
- limesurvey <itp> (bug #472802)
CVE-2019-9959 (The JPXStream::init function in Poppler 0.78.0 and earlier doesn't che ...)
[experimental] - poppler 0.81.0-1
- - poppler <unfixed> (bug #941776)
+ - poppler <unfixed> (low; bug #941776)
+ [buster] - poppler <ignored> (Minor issue)
+ [stretch] - poppler <ignored> (Minor issue)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/805
NOTE: Patch: https://gitlab.freedesktop.org/poppler/poppler/commit/68ef84e5968a4249c2162b839ca6d7975048a557 (poppler-0.79.0)
NOTE: Reproducer: https://gitlab.freedesktop.org/poppler/poppler/uploads/3f22837ebd503f87e730b51221b89742/raiter_issue5465.pdf
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f69c2ee0ab40c8339a7e53820cec20ad83adfac
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f69c2ee0ab40c8339a7e53820cec20ad83adfac
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/a38b4e37/attachment.html>
More information about the debian-security-tracker-commits
mailing list