[Git][security-tracker-team/security-tracker][master] Mark jessie as not-affected for some CVE of transfig
Dylan Aïssi
daissi at debian.org
Sun Jan 19 22:29:06 GMT 2020
Dylan Aïssi pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f5d6f038 by Dylan Aïssi at 2020-01-19T23:28:43+01:00
Mark jessie as not-affected for some CVE of transfig
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8865,7 +8865,7 @@ CVE-2019-19797 (read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bou
[buster] - fig2dev <no-dsa> (Minor issue)
[stretch] - fig2dev <no-dsa> (Minor issue)
- transfig <removed>
- [jessie] - transfig <no-dsa> (Minor issue)
+ [jessie] - transfig <not-affected> (Unreproducible)
NOTE: https://sourceforge.net/p/mcj/tickets/67/
CVE-2019-19807 (In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after- ...)
- linux 5.3.15-1
@@ -10012,6 +10012,7 @@ CVE-2019-19747 (NeuVector 3.1 when configured to allow authentication via Active
CVE-2019-19746 (make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fau ...)
- fig2dev 1:3.2.7b-3 (unimportant; bug #946628)
- transfig <removed> (unimportant)
+ [jessie] - transfig <not-affected> (Unreproducible)
NOTE: https://sourceforge.net/p/mcj/tickets/57/
NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/3065abc7b4f740ed6532322843531317de782a26/
CVE-2019-19745 (Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end u ...)
@@ -12836,6 +12837,7 @@ CVE-2019-19556
CVE-2019-19555 (read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buf ...)
- fig2dev 1:3.2.7b-2 (unimportant; bug #946176)
- transfig <removed> (unimportant)
+ [jessie] - transfig <not-affected> (Unreproducible)
NOTE: https://sourceforge.net/p/mcj/tickets/55/
NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/
NOTE: Crash in CLI tool, negligible security impact
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5d6f0385e6b888a066574bc5564c09776d0f8b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5d6f0385e6b888a066574bc5564c09776d0f8b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200119/f29970d6/attachment.html>
More information about the debian-security-tracker-commits
mailing list