[Git][security-tracker-team/security-tracker][master] 3 commits: Track fixed version for CVE-2019-14862/node-knockout
Salvatore Bonaccorso
carnil at debian.org
Thu Mar 26 11:53:10 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4d1b88ad by Salvatore Bonaccorso at 2020-03-26T12:50:45+01:00
Track fixed version for CVE-2019-14862/node-knockout
- - - - -
93db7dfa by Salvatore Bonaccorso at 2020-03-26T12:51:31+01:00
Track proposed update for CVE-2019-14862/node-knockout via buster-pu
- - - - -
952d34f1 by Salvatore Bonaccorso at 2020-03-26T12:52:42+01:00
Track proposed update for CVE-2019-14862/node-knockout via stretch-pu
- - - - -
3 changed files:
- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -39305,7 +39305,7 @@ CVE-2019-14863 (There is a vulnerability in all angular versions before 1.5.0-be
NOTE: https://github.com/angular/angular.js/commit/f33ce173c90736e349cf594df717ae3ee41e0f7a
NOTE: https://github.com/angular/angular.js/pull/12524
CVE-2019-14862 (There is a vulnerability in knockout before version 3.5.0-beta, where ...)
- - node-knockout <unfixed> (unimportant; bug #943560)
+ - node-knockout 3.4.2-3 (unimportant; bug #943560)
NOTE: https://github.com/knockout/knockout/issues/1244
NOTE: https://github.com/knockout/knockout/pull/2345
NOTE: https://github.com/knockout/knockout/commit/7e280b2b8a04cc19176b5171263a5c68bda98efb
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -54,3 +54,5 @@ CVE-2017-5715
[stretch] - amd64-microcode 3.20181128.1~deb9u1
CVE-2020-5267
[stretch] - rails 2:4.2.7.1-1+deb9u2
+CVE-2019-14862
+ [stretch] - node-knockout 3.4.2-2+deb9u1
=====================================
data/next-point-update.txt
=====================================
@@ -61,3 +61,5 @@ CVE-2020-8597
[buster] - lwip 2.0.3-3+deb10u1
CVE-2020-7608
[buster] - node-yargs-parser 11.1.1-1+deb10u1
+CVE-2019-14862
+ [buster] - node-knockout 3.4.2-2+deb10u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/83d7b33fcdc56915a92d5258b5321bd226ad8e47...952d34f186ae3914596ae57a460bd5b111c31478
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/83d7b33fcdc56915a92d5258b5321bd226ad8e47...952d34f186ae3914596ae57a460bd5b111c31478
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200326/7ccba2e6/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list