[Git][security-tracker-team/security-tracker][master] LTS: update triage of CVE-2019-8457/db5.3 so bullseye matches most recent analysis
Roberto C. Sánchez (@roberto)
roberto at debian.org
Wed Sep 11 19:00:56 BST 2024
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aa8f0d38 by Roberto C. Sánchez at 2024-09-11T14:00:44-04:00
LTS: update triage of CVE-2019-8457/db5.3 so bullseye matches most recent analysis
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -403107,7 +403107,7 @@ CVE-2019-8458 (Check Point Endpoint Security Client for Windows, with Anti-Malwa
NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2019-8457 (SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-o ...)
- db5.3 5.3.28+dfsg1-0.9 (bug #1010974)
- [bullseye] - db5.3 <no-dsa> (Minor issue)
+ [bullseye] - db5.3 <ignored> (vulnerable code is present but unused in Debian, and fix is too risky to backport)
[buster] - db5.3 <ignored> (vulnerable code is present but unused in Debian, and fix is too risky to backport)
[stretch] - db5.3 <ignored> (vulnerable code is present but unused in Debian, and fix is too risky to backport)
- sqlite3 3.27.2-3 (bug #929775)
@@ -403119,6 +403119,7 @@ CVE-2019-8457 (SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap
NOTE: https://sqlite.org/src/info/87f261f0cb800b06
NOTE: Affected function is not used in Debian and meant for debugging purposes,
NOTE: backporting the fix would be very complex.
+ NOTE: https://lists.debian.org/debian-lts/2023/06/msg00012.html
NOTE: https://lists.debian.org/debian-lts/2019/06/msg00013.html
NOTE: https://lists.debian.org/debian-lts/2019/06/msg00036.html
CVE-2019-8456 (Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa8f0d38b504f2b821af6c161ac28f9882eeab11
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa8f0d38b504f2b821af6c161ac28f9882eeab11
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240911/b4494b11/attachment.htm>
More information about the debian-security-tracker-commits
mailing list