[Git][security-tracker-team/security-tracker][master] Track fixed versions for waitress issues via unstable
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 1 15:49:46 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1364f74c by Salvatore Bonaccorso at 2020-01-01T15:49:17Z
Track fixed versions for waitress issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18882,7 +18882,7 @@ CVE-2019-16791
CVE-2019-16790 (In Tiny File Manager before 2.3.9, there is a remote code execution vi ...)
NOT-FOR-US: Tiny File Manager
CVE-2019-16789 (In Waitress through version 1.4.0, if a proxy server is used in front ...)
- - waitress <unfixed> (bug #947433)
+ - waitress 1.4.1-1 (bug #947433)
[buster] - waitress <no-dsa> (Minor issue)
[stretch] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4
@@ -18890,14 +18890,14 @@ CVE-2019-16789 (In Waitress through version 1.4.0, if a proxy server is used in
CVE-2019-16788
RESERVED
CVE-2019-16786 (Waitress through version 1.3.1 would parse the Transfer-Encoding heade ...)
- - waitress <unfixed> (bug #947306)
+ - waitress 1.4.1-1 (bug #947306)
[buster] - waitress <no-dsa> (Minor issue)
[stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
NOTE: https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 ...)
- - waitress <unfixed> (bug #947306)
+ - waitress 1.4.1-1 (bug #947306)
[buster] - waitress <no-dsa> (Minor issue)
[stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1364f74c36beb02dcf63f28f81e22abd85cacc69
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1364f74c36beb02dcf63f28f81e22abd85cacc69
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200101/62a5f421/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list