[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10195 and CVE-2019-14867 as no-dsa

Salvatore Bonaccorso carnil at debian.org
Sun Jan 5 20:20:46 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cd43243d by Salvatore Bonaccorso at 2020-01-05T21:19:28+01:00
Mark CVE-2019-10195 and CVE-2019-14867 as no-dsa

This is not quite optimal, but outside Red Hat world freeipa has less
relevance. Those two issues can be fixed in a scheduled point release.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25684,6 +25684,7 @@ CVE-2019-14868
 	RESERVED
 CVE-2019-14867 (A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x ve ...)
 	- freeipa 4.8.3-1
+	[buster] - freeipa <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://pagure.io/freeipa/c/4abd2f76d76c4c1a1ec5087ec447f4515b63c2c6
 CVE-2019-14866 [improper input validation when writing tar header fields leads to unexpect tar generation]
 	RESERVED
@@ -40101,6 +40102,7 @@ CVE-2019-10196
 	NOT-FOR-US: nodejs-http-proxy-agent
 CVE-2019-10195 (A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x ve ...)
 	- freeipa 4.8.3-1
+	[buster] - freeipa <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://pagure.io/freeipa/c/02ce407f5e10e670d4788778037892b58f80adc0
 CVE-2019-10194 (Sensitive passwords used in deployment and configuration of oVirt Metr ...)
 	NOT-FOR-US: ovirt-engine-metrics



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd43243da1b86cedbd521be248ca2f3369e07f30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd43243da1b86cedbd521be248ca2f3369e07f30
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200105/32d16f70/attachment.html>

More information about the debian-security-tracker-commits mailing list