[Git][security-tracker-team/security-tracker][master] 4 commits: Update status for CVE-2019-19927/linux

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c711a65c by Salvatore Bonaccorso at 2020-01-12T21:21:18+01:00
Update status for CVE-2019-19927/linux

- - - - -
65325a2f by Salvatore Bonaccorso at 2020-01-12T21:21:51+01:00
Update status for CVE-2019-19815/linux

- - - - -
1ebba4f8 by Salvatore Bonaccorso at 2020-01-12T21:22:06+01:00
Update status for CVE-2019-5108/linux

- - - - -
b16d3844 by Salvatore Bonaccorso at 2020-01-12T21:22:43+01:00
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7019,8 +7019,7 @@ CVE-2019-19929 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleane
 CVE-2019-19928
 	RESERVED
 CVE-2019-19927 (In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on k ...)
-	- linux <undetermined>
-	TODO: check in kernel-sec
+	- linux 5.2.6-1
 CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 mishandles certain errors dur ...)
 	- sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
 	NOTE: https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
@@ -7995,7 +7994,7 @@ CVE-2019-19817 (The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.
 CVE-2019-19816 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image  ...)
 	- linux <unfixed>
 CVE-2019-19815 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...)
-	- linux <unfixed>
+	- linux 5.3.7-1
 CVE-2019-19814 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...)
 	- linux <unfixed>
 CVE-2019-19813 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, ...)
@@ -57464,8 +57463,9 @@ CVE-2019-5110 (Exploitable SQL injection vulnerabilities exist in the authentica
 CVE-2019-5109 (Exploitable SQL injection vulnerabilities exists in the authenticated  ...)
 	NOT-FOR-US: Forma LMS
 CVE-2019-5108 (An exploitable denial-of-service vulnerability exists in the Linux ker ...)
-	- linux <unfixed>
+	- linux 5.3.7-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
+	NOTE: https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e
 CVE-2019-5107
 	RESERVED
 CVE-2019-5106



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6ea896374ebfc5a503207b7b3d988c0eacbe5702...b16d3844bd677a323eb68212eb528ef419da5e71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6ea896374ebfc5a503207b7b3d988c0eacbe5702...b16d3844bd677a323eb68212eb528ef419da5e71
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200112/a304806a/attachment.html>