[Git][security-tracker-team/security-tracker][master] CVE-2019-13376/phpbb3: reference fixes, jessie triage
Sylvain Beucler
beuc at debian.org
Mon Sep 30 10:28:59 BST 2019
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
48463329 by Sylvain Beucler at 2019-09-30T09:26:27Z
CVE-2019-13376/phpbb3: reference fixes, jessie triage
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11403,6 +11403,10 @@ CVE-2019-13377 (The implementations of SAE and EAP-pwd in hostapd and wpa_suppli
NOTE: Patches: https://w1.fi/security/2019-6/
CVE-2019-13376 (phpBB version 3.2.7 allows the stealing of an Administration Control P ...)
- phpbb3 <removed>
+ NOTE: SECURITY-246:
+ NOTE: https://github.com/phpbb/phpbb/commit/cdf4f5ef85f05c0f94eae1a9edb1c28d4ac3515f
+ NOTE: more generally we've been missing SECURITY-188:
+ NOTE: https://github.com/phpbb/phpbb/commit/18abef716ecf42a35416444f3f84f5459d573789
CVE-2019-13375 (A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) ...)
NOT-FOR-US: D-Link
CVE-2019-13374 (A cross-site scripting (XSS) vulnerability in resource view in PayActi ...)
=====================================
data/dla-needed.txt
=====================================
@@ -111,6 +111,8 @@ openjpeg2
pam-python
NOTE: 20190927: Upstream appear to not have a distinct revision for this fix, using a single commit for the entire release which changes many things. (lamby)
--
+phpbb3
+--
poppler (Thorsten Alteholz)
--
python2.7
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/48463329c9b349d63ab330fe364d4c73d8dea5a6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/48463329c9b349d63ab330fe364d4c73d8dea5a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190930/a784accd/attachment.html>
More information about the debian-security-tracker-commits
mailing list