[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-13033/lynis as unimportant

Salvatore Bonaccorso carnil at debian.org
Mon Jun 22 13:32:45 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b41a72f by Salvatore Bonaccorso at 2020-06-22T14:32:24+02:00
Mark CVE-2019-13033/lynis as unimportant

Enabling license system in the packaged version is possible, but
enabling it makes little sense as users will end-up quitting on all the
extra tests that are not opensourced (and only present in the enterprise
version).

Thanks: Marc Dequènes for th usefull comments on the feature

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -58280,9 +58280,12 @@ CVE-2019-13045 (Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1,
 	NOTE: Fixed in 1.0.8, 1.1.3, 1.2.1
 CVE-2019-13033 (In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by  ...)
 	{DLA-2253-1}
-	- lynis <unfixed> (bug #963161)
+	- lynis <unfixed> (unimportant; bug #963161)
 	NOTE: https://cisofy.com/security/cve/cve-2019-13033/
 	NOTE: https://github.com/CISOfy/lynis/commit/3b9eda53cc20e851c4456618f027bc9ea794ad30
+	NOTE: Enabling license system in the packaged version is possible, but enabling it
+	NOTE: makes little sense as users will end-up quitting on all the extra tests that
+	NOTE: are not opensourced (and only present in the enterprise version).
 CVE-2019-13032 (An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL point ...)
 	- flightcrew 0.7.2+dfsg-14 (unimportant; bug #931246)
 	[buster] - flightcrew 0.7.2+dfsg-13+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b41a72f3efdd7e765c4839cba95a70a0521136b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b41a72f3efdd7e765c4839cba95a70a0521136b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200622/c152317c/attachment.html>

More information about the debian-security-tracker-commits mailing list