[Git][security-tracker-team/security-tracker][master] Add CVE-2019-15846/exim4

Wed Sep 4 14:26:13 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5d01cf2 by Salvatore Bonaccorso at 2019-09-04T13:25:38Z
Add CVE-2019-15846/exim4

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -140,8 +140,10 @@ CVE-2015-9381 (FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get
 	- freetype 2.6.1-0.1
 	NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9
 	NOTE: https://savannah.nongnu.org/bugs/?45955
-CVE-2019-15846
+CVE-2019-15846 [local or remote attacker can execute programs with root privileges]
 	RESERVED
+	- exim4 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/09/04/1
 CVE-2019-XXXX [rust image: Flaw in interface may drop uninitialized instance of arbitrary types]
 	- rust-image <not-affected> (Fixed before initial upload)
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0014.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d5d01cf241355b67dff7c87906b086b6a07aa76c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d5d01cf241355b67dff7c87906b086b6a07aa76c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190904/6dab5cf7/attachment.html>
