[Git][security-tracker-team/security-tracker][master] automatic update

Sun Oct 27 08:10:26 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c2ab73e by security tracker role at 2019-10-27T08:10:13Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113,6 +113,7 @@ CVE-2019-18410
 CVE-2019-18409 (The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local pr ...)
 	NOT-FOR-US: ruby_parser-legacy packaging issue
 CVE-2019-18408 (archive_read_format_rar_read_data in archive_read_support_format_rar.c ...)
+	{DLA-1971-1}
 	- libarchive 3.4.0-1
 	NOTE: https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14689
@@ -20246,6 +20247,7 @@ CVE-2019-11781
 CVE-2019-11780
 	RESERVED
 CVE-2019-11779 (In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT cli ...)
+	{DLA-1972-1}
 	- mosquitto 1.6.6-1 (bug #940654)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=551160
 	NOTE: https://github.com/eclipse/mosquitto/issues/1412
@@ -71534,12 +71536,12 @@ CVE-2018-12553
 CVE-2018-12552
 	REJECTED
 CVE-2018-12551 (When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured  ...)
-	{DSA-4388-1}
+	{DSA-4388-1 DLA-1972-1}
 	- mosquitto 1.5.6-1 (bug #921976)
 	NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
 	NOTE: https://mosquitto.org/files/cve/2018-12551
 CVE-2018-12550 (When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured  ...)
-	{DSA-4388-1}
+	{DSA-4388-1 DLA-1972-1}
 	- mosquitto 1.5.6-1 (bug #921976)
 	NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
 	NOTE: https://mosquitto.org/files/cve/2018-12550
@@ -136720,6 +136722,7 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurat
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667
 	NOTE: https://github.com/eclipse/jetty.project/commit/a285deea
 CVE-2017-7655 (In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vu ...)
+	{DLA-1972-1}
 	- mosquitto 1.5.4-1 (low)
 	[stretch] - mosquitto <no-dsa> (Minor issue)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c2ab73e66e34613804897f2452b83e7f358a328

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c2ab73e66e34613804897f2452b83e7f358a328
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191027/7c11150d/attachment.html>
