[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-10219,hibernate-validator: Reference fixing commit

Markus Koschany apo at debian.org
Sun Jan 5 18:13:20 GMT 2020 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70ace504 by Markus Koschany at 2020-01-05T18:43:40+01:00
CVE-2019-10219,hibernate-validator: Reference fixing commit

- - - - -
30b3d65a by Markus Koschany at 2020-01-05T19:12:38+01:00
CVE-2019-10219,libhibernate-validator-java: Jessie, Stretch and Buster are not

affected.

Vulnerable code was introduced later.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39976,9 +39976,12 @@ CVE-2019-10221
 CVE-2019-10220 (Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a rel ...)
 	- linux 5.3.9-1
 CVE-2019-10219 (A vulnerability was found in Hibernate-Validator. The SafeHtml validat ...)
-	- libhibernate-validator-java <undetermined>
+	- libhibernate-validator-java
+	[buster] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
+	[stretch] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
+	[jessie] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1738673
-	TODO: 20190910: Asked for more information in #1738673. (apo)
+	NOTE: Fixed by https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee
 CVE-2019-10218 (A flaw was found in the samba client, all samba versions before samba  ...)
 	- samba 2:4.11.1+dfsg-2
 	[buster] - samba <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c7cffec1db839e2965c7610faa09567b6e9b99ca...30b3d65ab45db793565b9a37ec6756fe6515dd51

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c7cffec1db839e2965c7610faa09567b6e9b99ca...30b3d65ab45db793565b9a37ec6756fe6515dd51
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200105/f1fe95d1/attachment.html>

More information about the debian-security-tracker-commits mailing list