[Git][security-tracker-team/security-tracker][master] filezilla fixed

Moritz Muehlenhoff jmm at debian.org
Thu Oct 24 09:05:57 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
414d7e75 by Moritz Muehlenhoff at 2019-10-24T08:05:30Z
filezilla fixed
new haproxy issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -163,7 +163,11 @@ CVE-2019-18279
 CVE-2019-18278 (When executing VideoLAN VLC media player 3.0.8 with libqt on Windows,  ...)
 	NOT-FOR-US: VLC on Windows
 CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messages fea ...)
-	TODO: check
+	- haproxy 2.0.6-1
+	[buster] - haproxy <no-dsa> (Minor issue)
+	[stretch] - haproxy <no-dsa> (Minor issue)
+	NOTE: https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581
+	NOTE: https://nathandavison.com/blog/haproxy-http-request-smuggling
 CVE-2019-18276
 	RESERVED
 CVE-2019-18275
@@ -37989,7 +37993,7 @@ CVE-2019-5431 (This vulnerability was caused by an incomplete fix to CVE-2017-09
 CVE-2019-5430 (In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, i ...)
 	NOT-FOR-US: Ubiquiti Networks UniFi Video
 CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...)
-	- filezilla <unfixed> (low; bug #928282)
+	- filezilla 3.45.1-1 (low; bug #928282)
 	[buster] - filezilla <no-dsa> (Minor issue)
 	[stretch] - filezilla <no-dsa> (Minor issue)
 	[jessie] - filezilla <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/414d7e7522069d8d93c51ddcdb609679b3f51240

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/414d7e7522069d8d93c51ddcdb609679b3f51240
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191024/1369f3a3/attachment.html>

More information about the debian-security-tracker-commits mailing list