[Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2019-2391 and CVE-2020-7610 via unstable

Salvatore Bonaccorso carnil at debian.org
Sat Apr 25 21:47:49 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7a8f55d by Salvatore Bonaccorso at 2020-04-25T22:47:11+02:00
Update fixed version for CVE-2019-2391 and CVE-2020-7610 via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11999,7 +11999,7 @@ CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11
 	NOT-FOR-US: io.micronaut:micronaut-http-client
 CVE-2020-7610 (All versions of bson before 1.1.4 are vulnerable to Deserialization of ...)
 	[experimental] - node-mongodb 3.5.5+~cs11.12.19-1
-	- node-mongodb <unfixed>
+	- node-mongodb 3.5.6+~cs11.12.19-1
 	NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
 	NOTE: https://snyk.io/vuln/SNYK-JS-BSON-561052
 	NOTE: https://github.com/mongodb/js-bson/commit/3809c1313a7b2a8001065f0271199df9fa3d16a8
@@ -81130,7 +81130,7 @@ CVE-2019-2392
 	RESERVED
 CVE-2019-2391 (Incorrect parsing of certain JSON input may result in js-bson not corr ...)
 	[experimental] - node-mongodb 3.5.5+~cs11.12.19-1
-	- node-mongodb <unfixed>
+	- node-mongodb 3.5.6+~cs11.12.19-1
 	NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
 CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can create  ...)
 	NOT-FOR-US: Microsoft



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7a8f55d8f62d4778aa794a5e49f06d1d1890a31

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7a8f55d8f62d4778aa794a5e49f06d1d1890a31
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200425/64b41671/attachment.html>

More information about the debian-security-tracker-commits mailing list