[Git][security-tracker-team/security-tracker][master] Move listing of CVE-2019-5436 to CVE list directly
Salvatore Bonaccorso
carnil at debian.org
Sat Feb 22 15:26:00 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
750d23c8 by Salvatore Bonaccorso at 2020-02-22T16:24:54+01:00
Move listing of CVE-2019-5436 to CVE list directly
Background: The issue does only affect the stretch version and was
already fixed for buster. While at it remove the postponed tagged entry.
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -63290,7 +63290,7 @@ CVE-2019-5437 (Information exposure through the directory listing in npm's harp
CVE-2019-5436 (A heap buffer overflow in the TFTP receiving code allows for DoS or ar ...)
{DLA-1804-1}
- curl 7.64.0-4 (bug #929351)
- [stretch] - curl <postponed> (Minor issue, can be fixed along in next DSA)
+ [stretch] - curl 7.52.1-5+deb9u10
NOTE: https://curl.haxx.se/docs/CVE-2019-5436.html
NOTE: Introduced by: https://github.com/curl/curl/commit/0516ce7786e95
NOTE: Fixed by: https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275
=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
[22 Feb 2020] DSA-4633-1 curl - security update
- {CVE-2019-5436 CVE-2019-5481 CVE-2019-5482}
+ {CVE-2019-5481 CVE-2019-5482}
[stretch] - curl 7.52.1-5+deb9u10
[buster] - curl 7.64.0-4+deb10u1
[22 Feb 2020] DSA-4632-1 ppp - security update
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/750d23c893037dc45c34c208d14b9c987f40c918
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/750d23c893037dc45c34c208d14b9c987f40c918
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200222/4243cdd0/attachment.html>
More information about the debian-security-tracker-commits
mailing list