[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-20367 has a NVD score of 9.1 and has been fixed

Thorsten Alteholz alteholz at debian.org
Thu Feb 18 22:36:28 GMT 2021 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e66264d by Thorsten Alteholz at 2021-02-18T23:10:24+01:00
CVE-2019-20367 has a NVD score of 9.1 and has been fixed

- - - - -
12056708 by Thorsten Alteholz at 2021-02-18T23:36:14+01:00
Reserve DLA-2566-1 for libbsd

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81010,7 +81010,6 @@ CVE-2020-6177 (SAP Mobile Platform, version 3.0, does not sufficiently validate
 CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ...)
 	- libbsd 0.10.0-1
 	[buster] - libbsd <no-dsa> (Minor issue)
-	[stretch] - libbsd <no-dsa> (Minor issue)
 	[jessie] - libbsd <no-dsa> (Minor issue)
 	NOTE: https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html
 	NOTE: https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b (0.10.0)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Feb 2021] DLA-2566-1 libbsd - security update
+	{CVE-2019-20367}
+	[stretch] - libbsd 0.8.3-1+deb9u1
 [18 Feb 2021] DLA-2565-1 openssl1.0 - security update
 	{CVE-2021-23840 CVE-2021-23841}
 	[stretch] - openssl1.0 1.0.2u-1~deb9u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5028280c46612347214370db3f6bc49d8aa7032a...120567089071fb99aaafbca126b31e190f048c5f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5028280c46612347214370db3f6bc49d8aa7032a...120567089071fb99aaafbca126b31e190f048c5f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210218/e92bb4d3/attachment.html>

More information about the debian-security-tracker-commits mailing list