[Git][security-tracker-team/security-tracker][master] Fix links for CVE-2019-13115 and CVE-2019-17498
Anton Gladky (@gladk)
gladk at debian.org
Fri Dec 17 19:43:09 GMT 2021
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
89b10d09 by Anton Gladky at 2021-12-17T20:42:40+01:00
Fix links for CVE-2019-13115 and CVE-2019-17498
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -152922,13 +152922,12 @@ CVE-2019-17498 (In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT l
[buster] - libssh2 <no-dsa> (Minor issue)
[stretch] - libssh2 <no-dsa> (Minor issue)
NOTE: https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c
- NOTE: https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
+ NOTE: https://securitylab.github.com/research/libssh2-integer-overflow-CVE-2019-17498/
NOTE: Backported SUSE patch for versions <= 1.8.0 (including struct string_buf,
NOTE: and the functions _libssh2_check_length(), _libssh2_get_u32() and
NOTE: libssh2_get_string(), forming part of the fix):
NOTE: https://bugzilla.suse.com/attachment.cgi?id=822416
NOTE: Only exploitable with a malicious server
- NOTE: https://securitylab.github.com/research/libssh2-integer-overflow-CVE-2019-17498/
CVE-2018-21028 (Boa through 0.94.14rc21 allows remote attackers to trigger a memory le ...)
- boa <removed>
CVE-2018-21027 (Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-m ...)
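Review bot: the last removed line in this hunk, the securitylab.github.com NOTE that followed "Only exploitable with a malicious server", is a duplicate removal rather than a link fix, because the added line carries the same URL further up, yet the commit message only says "Fix links". Consider mentioning the deduplication in the message so the 13-to-12 line count in the hunk header is explained. Placing the write-up link directly after the upstream commit NOTE is fine and keeps the SUSE backport notes together.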
@@ -167489,7 +167488,7 @@ CVE-2019-13115 (In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchang
- libssh2 1.9.0-1 (bug #932329)
[buster] - libssh2 <no-dsa> (Minor issue)
[stretch] - libssh2 <no-dsa> (Minor issue)
- NOTE: https://blog.semmle.com/libssh2-integer-overflow/
+ NOTE: https://securitylab.github.com/research/libssh2-integer-overflow/
NOTE: https://github.com/libssh2/libssh2/pull/350
NOTE: https://github.com/libssh2/libssh2/commit/ff1b155731ff8f790f12d980911d9fd84d0e1598
CVE-2019-13114 (http.c in Exiv2 through 0.27.1 allows a malicious http server to cause ...)
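Review bot: the replacement URL on the added NOTE line (securitylab.github.com/research/libssh2-integer-overflow/) appears nowhere else in this entry, unlike the CVE-2019-17498 hunk where the same securitylab URL was already listed before the change, so nothing in the diff shows that it resolves. Please confirm the new location loads, and if the post moved under a different slug, use that one instead.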
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b10d099ce6ed45b401780bacb8c535471a05d6