Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8c05f5a5 by Salvatore Bonaccorso at 2019-01-31T07:42:18Z Add CVE-2019-6690/python-gnupg - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1156,8 +1156,12 @@ CVE-2019-6692 RESERVED CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the ...) NOT-FOR-US: phpwind -CVE-2019-6690 +CVE-2019-6690 [improper input validation in gnupg.GPG.encrypt() and gnupg.GPG.decrypt()] RESERVED + - python-gnupg 0.4.4-1 + NOTE: https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability + NOTE: https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112 + NOTE: https://github.com/vsajip/python-gnupg/commit/3003b654ca1c29b0510a54b9848571b3ad57df19#diff-88b99bb28683bd5b7e3a204826ead112 CVE-2018-1000997 (A path traversal vulnerability exists in the Stapler web framework ...) NOT-FOR-US: Jenkins CVE-2019-6689 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c05f5a530cdd6b1252c4f82cc6749e275c43c5b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c05f5a530cdd6b1252c4f82cc6749e275c43c5b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits