[Git][security-tracker-team/security-tracker][master] add note for ampache issues

Thorsten Alteholz alteholz at debian.org
Mon Sep 16 15:09:22 BST 2019



Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de89d35b by Thorsten Alteholz at 2019-09-16T14:14:59Z
add note for ampache issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12284,8 +12284,12 @@ CVE-2019-12387 (In Twisted before 19.2.1, twisted.web did not validate or saniti
 	NOTE: https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
 CVE-2019-12386 (An issue was discovered in Ampache through 3.9.1. A stored XSS exists  ...)
 	- ampache <removed>
+        NOTE: https://github.com/ampache/ampache/issues/1872 
+        NOTE: according to the github issue, it is not really fixed yet
 CVE-2019-12385 (An issue was discovered in Ampache through 3.9.1. The search engine is ...)
 	- ampache <removed>
+        NOTE: https://github.com/ampache/ampache/issues/1872 
+        NOTE: according to the github issue, it is not really fixed yet
 CVE-2019-12384 (FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to ...)
 	{DLA-1831-1}
 	- jackson-databind 2.9.8-3 (bug #930750)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de89d35b3fe98f50b70476e17ef127a20b0a9987

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de89d35b3fe98f50b70476e17ef127a20b0a9987
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/a4a2a8ad/attachment.html>


More information about the debian-security-tracker-commits mailing list