[Git][security-tracker-team/security-tracker][master] CVE-2019-13376/phpbb3: reference fixes, jessie triage

Sylvain Beucler beuc at debian.org
Mon Sep 30 10:28:59 BST 2019



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48463329 by Sylvain Beucler at 2019-09-30T09:26:27Z
CVE-2019-13376/phpbb3: reference fixes, jessie triage

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -11403,6 +11403,10 @@ CVE-2019-13377 (The implementations of SAE and EAP-pwd in hostapd and wpa_suppli
 	NOTE: Patches: https://w1.fi/security/2019-6/
 CVE-2019-13376 (phpBB version 3.2.7 allows the stealing of an Administration Control P ...)
 	- phpbb3 <removed>
+	NOTE: SECURITY-246:
+	NOTE: https://github.com/phpbb/phpbb/commit/cdf4f5ef85f05c0f94eae1a9edb1c28d4ac3515f
+	NOTE: more generally we've been missing SECURITY-188:
+	NOTE: https://github.com/phpbb/phpbb/commit/18abef716ecf42a35416444f3f84f5459d573789
 CVE-2019-13375 (A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) ...)
 	NOT-FOR-US: D-Link
 CVE-2019-13374 (A cross-site scripting (XSS) vulnerability in resource view in PayActi ...)


=====================================
data/dla-needed.txt
=====================================
@@ -111,6 +111,8 @@ openjpeg2
 pam-python
   NOTE: 20190927: Upstream appear to not have a distinct revision for this fix, using a single commit for the entire release which changes many things. (lamby)
 --
+phpbb3
+--
 poppler (Thorsten Alteholz)
 --
 python2.7



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/48463329c9b349d63ab330fe364d4c73d8dea5a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/48463329c9b349d63ab330fe364d4c73d8dea5a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190930/a784accd/attachment.html>


More information about the debian-security-tracker-commits mailing list