[Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-3836/gnutls28

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb59b4e4 by Salvatore Bonaccorso at 2020-06-05T20:10:11+02:00
Update information on CVE-2019-3836/gnutls28

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80565,11 +80565,13 @@ CVE-2019-3837 (It was found that the net_dma code in tcp_recvmsg() in the 2.6.32
 CVE-2019-3836 (It was discovered in gnutls before version 3.6.7 upstream that there i ...)
 	[experimental] - gnutls28 3.6.7-1
 	- gnutls28 3.6.7-2
+	[stretch] - gnutls28 <not-affected> (Vulnerable code introduced later in 3.6.4)
 	[jessie] - gnutls28 <not-affected> (vulnerable code was introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678411
 	NOTE: https://gitlab.com/gnutls/gnutls/issues/704
+	NOTE: https://gitlab.com/gnutls/gnutls/commit/96e07075e8f105b13e76b11e493d5aa2dd937226
 	NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27
-	NOTE: Upstream versions affected are 3.6.3 and later before 3.6.7
+	NOTE: Upstream versions affected are 3.6.4 and later before 3.6.7
 CVE-2019-3835 (It was found that the superexec operator was available in the internal ...)
 	{DSA-4432-1 DLA-1761-1}
 	[experimental] - ghostscript 9.27~~dc1~dfsg-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb59b4e4b89de195c991ed96e6f7fd45bc2b9079

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb59b4e4b89de195c991ed96e6f7fd45bc2b9079
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200605/0839d800/attachment.html>