[Git][security-tracker-team/security-tracker][master] new libzypp issue

Moritz Muehlenhoff jmm at debian.org
Mon Mar 2 21:36:11 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7dbf260c by Moritz Muehlenhoff at 2020-03-02T22:35:42+01:00
new libzypp issue
SuSE NFUs/ n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21334,19 +21334,19 @@ CVE-2019-18905
 CVE-2019-18904
 	RESERVED
 CVE-2019-18903 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
-	TODO: check
+	NOT-FOR-US: openSUSE wicked
 CVE-2019-18902 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
-	TODO: check
+	NOT-FOR-US: openSUSE wicked
 CVE-2019-18901 (A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-sy ...)
-	TODO: check
+	NOT-FOR-US: SuSE-specific mysqld-systemd-helper
 CVE-2019-18900 (: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS  ...)
-	TODO: check
+	- libzypp <unfixed>
 CVE-2019-18899 (The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in use ...)
 	- apt-cacher-ng <not-affected> (openSUSE specific systemd service unit configuration)
 CVE-2019-18898 (UNIX Symbolic Link (Symlink) Following vulnerability in the trousers p ...)
 	NOT-FOR-US: SUSE specific packaging issue in %posttrans section in src:trousers
 CVE-2019-18897 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
-	TODO: check
+	- salt <not-affected> (SuSE-specific Salt packaging vulnerability)
 CVE-2019-18896
 	RESERVED
 CVE-2019-18895 (Scanguard through 2019-11-12 on Windows has Insecure Permissions for t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dbf260c52141d3ed9d759eac6fefa4e7b131d48

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dbf260c52141d3ed9d759eac6fefa4e7b131d48
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200302/d7393327/attachment.html>

More information about the debian-security-tracker-commits mailing list