[Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
mgilbert at debian.org
Mon Mar 23 01:28:30 GMT 2020
Michael Gilbert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0974afb2 by Michael Gilbert at 2020-03-23T01:35:29+00:00
chromium dsa
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16766,7 +16766,7 @@ CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers
[buster] - sqlite3 <not-affected> (Vulnerable code introduced later)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
- - chromium 80.0.3987.149-1
+ - chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: Introduced in: https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268 (3.29.0)
NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
@@ -35238,7 +35238,7 @@ CVE-2019-15903 (In libexpat before 2.2.8, crafted XML input could fool the parse
- expat 2.2.7-2 (bug #939394)
- firefox 70.0-1
- firefox-esr 68.2.0esr-1
- - chromium <unfixed> (unimportant)
+ - chromium <not-affected> (uses system libexpat)
- thunderbird 1:68.2.1-1
NOTE: https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
NOTE: https://github.com/libexpat/libexpat/issues/317
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[22 Mar 2020] DSA-4645-1 chromium - security update
+ {CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449}
+ [buster] - chromium 80.0.3987.149-1~deb10u1
[20 Mar 2020] DSA-4644-1 tor - security update
{CVE-2020-10592}
[buster] - tor 0.3.5.10-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200323/0550a670/attachment.html>
More information about the debian-security-tracker-commits
mailing list