[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream commit reference for CVE-2019-17455/libntlm

Sun Apr 19 12:00:29 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e9af9106 by Salvatore Bonaccorso at 2020-04-19T12:58:21+02:00
Add upstream commit reference for CVE-2019-17455/libntlm

- - - - -
272ef87f by Salvatore Bonaccorso at 2020-04-19T13:00:02+02:00
Track fixed version for CVE-2019-17455/libntlm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34596,11 +34596,12 @@ CVE-2019-17457
 CVE-2019-17456
 	RESERVED
 CVE-2019-17455 (Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequ ...)
-	- libntlm <unfixed> (bug #942145)
+	- libntlm 1.6-1 (bug #942145)
 	[buster] - libntlm <no-dsa> (Minor issue)
 	[stretch] - libntlm <no-dsa> (Minor issue)
 	[jessie] - libntlm <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/jas/libntlm/issues/2
+	NOTE: https://gitlab.com/jas/libntlm/-/commit/b967886873fcf19f816b9c0868465f2d9e5df85e
 CVE-2019-17454 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTa ...)
 	NOT-FOR-US: Bento4
 CVE-2019-17453 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWri ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bb1041b0133242cfc3660efb016a2ff6d7e5b721...272ef87fc74d209c9f289577a0a6f9e1e3caaf43

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bb1041b0133242cfc3660efb016a2ff6d7e5b721...272ef87fc74d209c9f289577a0a6f9e1e3caaf43
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200419/757629e6/attachment.html>
