[Git][security-tracker-team/security-tracker][master] Track CVE-2019-915{3,4,5} with node-openpgp RFP/ITP

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86c6d750 by Salvatore Bonaccorso at 2019-09-16T15:49:39Z
Track CVE-2019-915{3,4,5} with node-openpgp RFP/ITP

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22039,11 +22039,11 @@ CVE-2019-9162 (In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snm
 	NOTE: Fixed by: https://git.kernel.org/linus/c4c07b4d6fa1f11880eab8e076d3d060ef3f55fc
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1776
 CVE-2019-9155 (A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who  ...)
-	NOT-FOR-US: OpenPGP.js (not used by Enigmail in Debian)
+	- node-openpgp <itp> (bug #787774)
 CVE-2019-9154 (Improper Verification of a Cryptographic Signature in OpenPGP.js <= ...)
-	NOT-FOR-US: OpenPGP.js (not used by Enigmail in Debian)
+	- node-openpgp <itp> (bug #787774)
 CVE-2019-9153 (Improper Verification of a Cryptographic Signature in OpenPGP.js <= ...)
-	NOT-FOR-US: OpenPGP.js (not used by Enigmail in Debian)
+	- node-openpgp <itp> (bug #787774)
 CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
 	- hdf5 <unfixed>
 	[buster] - hdf5 <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86c6d7500772e581e43565ea5d0b916af1c1d9fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86c6d7500772e581e43565ea5d0b916af1c1d9fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/9f879287/attachment.html>