[Git][security-tracker-team/security-tracker][master] data/CVE/list: Switch CVE-2019-17177/jessie from <no-dsa> to <ignored>....
Mike Gabriel
sunweaver at debian.org
Tue Mar 31 14:54:21 BST 2020
Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d9dc4813 by Mike Gabriel at 2020-03-31T15:53:09+02:00
data/CVE/list: Switch CVE-2019-17177/jessie from <no-dsa> to <ignored>. Patching this old version of FreeRDP would be very invasive, the old freerdp v1.1 is full of realloc() calls that don't check the result.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32614,7 +32614,7 @@ CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x throu
[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1
- freerdp <removed> (low)
[stretch] - freerdp <no-dsa> (Minor issue)
- [jessie] - freerdp <no-dsa> (Minor issue)
+ [jessie] - freerdp <ignored> (Minor issue; Patching this old version would be very invasive; no upstream patch available)
NOTE: https://github.com/FreeRDP/FreeRDP/issues/5645
NOTE: https://github.com/akallabeth/FreeRDP/commit/fc80ab45621bd966f70594c0b7393ec005a94007
CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPa ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9dc48131d1173d5d10d9d9b9fd1b0ed60dd68bd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9dc48131d1173d5d10d9d9b9fd1b0ed60dd68bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200331/71d3dd17/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list