Michael Gilbert pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0974afb2 by Michael Gilbert at 2020-03-23T01:35:29+00:00 chromium dsa - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== @@ -16766,7 +16766,7 @@ CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers [buster] - sqlite3 <not-affected> (Vulnerable code introduced later) [stretch] - sqlite3 <not-affected> (Vulnerable code introduced later) [jessie] - sqlite3 <not-affected> (Vulnerable code introduced later) - - chromium 80.0.3987.149-1 + - chromium 80.0.3987.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) NOTE: Introduced in: https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268 (3.29.0) NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 @@ -35238,7 +35238,7 @@ CVE-2019-15903 (In libexpat before 2.2.8, crafted XML input could fool the parse - expat 2.2.7-2 (bug #939394) - firefox 70.0-1 - firefox-esr 68.2.0esr-1 - - chromium <unfixed> (unimportant) + - chromium <not-affected> (uses system libexpat) - thunderbird 1:68.2.1-1 NOTE: https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43 NOTE: https://github.com/libexpat/libexpat/issues/317 ===================================== data/DSA/list ===================================== @@ -1,3 +1,6 @@ +[22 Mar 2020] DSA-4645-1 chromium - security update + {CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449} + [buster] - chromium 80.0.3987.149-1~deb10u1 [20 Mar 2020] DSA-4644-1 tor - security update {CVE-2020-10592} [buster] - tor 0.3.5.10-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits