[Git][security-tracker-team/security-tracker][master] Associate CVE-2019-14607 with change from 2019-11-15 microcode release

Moritz Muehlenhoff jmm at debian.org
Mon Jan 13 14:15:13 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdc1b452 by Moritz Muehlenhoff at 2020-01-13T15:13:39+01:00
Associate CVE-2019-14607 with change from 2019-11-15 microcode release

There's no advisory which specifically pins this to the 11-15 release, but
everything points to it and I guess that's about as good as it gets...

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29503,8 +29503,8 @@ CVE-2019-14609 (Improper input validation in firmware for Intel(R) NUC(R) may al
 CVE-2019-14608 (Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow ...)
 	NOT-FOR-US: Intel
 CVE-2019-14607 (Improper conditions check in multiple Intel® Processors may allow ...)
+	- intel-microcode 3.20191115.1
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html
-	TODO: check, this is likely the issue addressed with intel-microcode/3.20191115
 CVE-2019-14606
 	RESERVED
 CVE-2019-14605 (Improper permissions in the installer for the Intel(R) SCS Platform Di ...)


=====================================
data/DSA/list
=====================================
@@ -66,6 +66,7 @@
 	[stretch] - spamassassin 3.4.2-1~deb9u2
 	[buster] - spamassassin 3.4.2-1+deb10u1
 [13 Dec 2019] DSA-4565-2 intel-microcode - security update
+	{CVE-2019-14607}
 	[stretch] - intel-microcode 3.20191115.2~deb9u1
 	[buster] - intel-microcode 3.20191115.2~deb10u1
 [13 Dec 2019] DSA-4583-1 spip - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdc1b452c80c1db9ad6855253673e8df52c94307

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdc1b452c80c1db9ad6855253673e8df52c94307
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200113/81db7a67/attachment.html>

More information about the debian-security-tracker-commits mailing list