[Git][security-tracker-team/security-tracker][master] chromium dsa

Sun, 22 Mar 2020 18:28:46 -0700 


Michael Gilbert pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0974afb2 by Michael Gilbert at 2020-03-23T01:35:29+00:00
chromium dsa

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16766,7 +16766,7 @@ CVE-2019-19880 (exprListAppendList in window.c in 
SQLite 3.30.1 allows attackers
        [buster] - sqlite3 <not-affected> (Vulnerable code introduced later)
        [stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
        [jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
-       - chromium 80.0.3987.149-1
+       - chromium 80.0.3987.106-1
        [stretch] - chromium <end-of-life> (see DSA 4562)
        NOTE: Introduced in: 
https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268
 (3.29.0)
        NOTE: Fixed by: 
https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
@@ -35238,7 +35238,7 @@ CVE-2019-15903 (In libexpat before 2.2.8, crafted XML 
input could fool the parse
        - expat 2.2.7-2 (bug #939394)
        - firefox 70.0-1
        - firefox-esr 68.2.0esr-1
-       - chromium <unfixed> (unimportant)
+       - chromium <not-affected> (uses system libexpat)
        - thunderbird 1:68.2.1-1
        NOTE: 
https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
        NOTE: https://github.com/libexpat/libexpat/issues/317


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[22 Mar 2020] DSA-4645-1 chromium - security update
+       {CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 
CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449}
+       [buster] - chromium 80.0.3987.149-1~deb10u1
 [20 Mar 2020] DSA-4644-1 tor - security update
        {CVE-2020-10592}
        [buster] - tor 0.3.5.10-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0974afb27e9140622a4c40d7187b56b7d95f81ab
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to