[Git][security-tracker-team/security-tracker][CVE-2019-25067] further updates
Reinhard Tartler (@siretart)
siretart at debian.org
Mon Jul 4 13:42:01 BST 2022
Reinhard Tartler pushed to branch CVE-2019-25067 at Debian Security Tracker / security-tracker
Commits:
36687ac8 by Reinhard Tartler at 2022-07-04T12:41:53+00:00
further updates
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6655,7 +6655,8 @@ CVE-2019-25067 (A vulnerability, which was classified as critical, was found in
NOTE: https://www.exploit-db.com/exploits/47500
NOTE: exploit demo script on client uses Python podman code which is not in Debian
NOTE: refers to old versions of remote code which never made it to a Debian release
- NOTE: unclear if the issue was ever reported upstream, could be Fedora/RedHat specific
+ NOTE: issue probably present in all versions with varlink, starting 1.6.2+dfsg-1
+ NOTE: upstream (Fedora/RedHat) refuses to look into it: https://bugzilla.redhat.com/show_bug.cgi?id=2097496
CVE-2019-25066 (A vulnerability has been found in ajenti 2.1.31 and classified as crit ...)
- ajenti <itp> (bug #792019)
CVE-2019-25065 (A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36687ac8815ebcdfefa83abf209642d2cba943fd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36687ac8815ebcdfefa83abf209642d2cba943fd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220704/76a28ef5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list