Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9a72366f by Salvatore Bonaccorso at 2019-06-18T11:27:14Z
Add fixed version for various linux CVEs in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2343,7 +2343,7 @@ CVE-2019-11885 (eyeDisk implements the unlock feature by
sending a cleartext pas
NOT-FOR-US: eyeDisk
CVE-2019-11884 (The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c
in the Li ...)
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
NOTE:
https://git.kernel.org/linus/a1616a5ac99ede5d605047a9012481ce7ff18b16
CVE-2019-11883
RESERVED
@@ -2455,7 +2455,7 @@ CVE-2019-11834 (cJSON before 1.7.11 allows out-of-bounds
access, related to \x00
NOTE: https://github.com/DaveGamble/cJSON/issues/337
CVE-2019-11833 (fs/ext4/extents.c in the Linux kernel through 5.1.2 does not
zero out ...)
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
NOTE: Fixed by:
https://git.kernel.org/linus/592acbf16821288ecdc4192c47e3774a4c48bb64
CVE-2019-11832 (TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote
code execut ...)
NOT-FOR-US: Typo3
@@ -3405,15 +3405,15 @@ CVE-2019-11480
CVE-2019-11479
RESERVED
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
CVE-2019-11478
RESERVED
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
CVE-2019-11477
RESERVED
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
CVE-2019-11476
RESERVED
CVE-2019-11475
@@ -6815,7 +6815,7 @@ CVE-2019-10127
NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10126 (A flaw was found in the Linux kernel. A heap based buffer
overflow in ...)
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
NOTE:
https://lore.kernel.org/linux-wireless/[email protected]
CVE-2017-18364 (phpFK lite has XSS via the faq.php, members.php, or search.php
query s ...)
NOT-FOR-US: phpFK
@@ -9264,7 +9264,7 @@ CVE-2019-9504
CVE-2019-9503 [brcmfmac: add subtype check for event handling in data path]
RESERVED
{DSA-4465-1 DLA-1824-1 DLA-1799-1}
- - linux <unfixed>
+ - linux 4.19.37-4
NOTE:
https://git.kernel.org/linus/a4176ec356c73a46c07c181c6d04039fafa34a9f (5.1-rc1)
CVE-2019-9502
RESERVED
@@ -9273,7 +9273,7 @@ CVE-2019-9501
CVE-2019-9500 [brcmfmac: assure SSID length from firmware is limited]
RESERVED
{DSA-4465-1 DLA-1824-1}
- - linux <unfixed>
+ - linux 4.19.37-4
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE:
https://git.kernel.org/linus/1b5e2423164b3670e8bc9174e4762d297990deff (5.1-rc1)
CVE-2019-9499 (The implementations of EAP-PWD in wpa_supplicant EAP Peer, when
built ...)
@@ -19334,7 +19334,7 @@ CVE-2019-5488 (EARCLINK ESPCMS-P8 has SQL injection in
the install_pack/index.ph
NOT-FOR-US: EARCLINK ESPCMS-P8
CVE-2019-5489 (The mincore() implementation in mm/mincore.c in the Linux
kernel throu ...)
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
CVE-2019-5487
RESERVED
CVE-2019-5486
@@ -22810,7 +22810,7 @@ CVE-2019-3847 (A vulnerability was found in moodle
before versions 3.6.3, 3.5.5,
- moodle <removed>
CVE-2019-3846 (A flaw that allowed an attacker to corrupt memory and possibly
escalat ...)
{DSA-4465-1 DLA-1824-1 DLA-1823-1}
- - linux <unfixed>
+ - linux 4.19.37-4
NOTE:
https://lore.kernel.org/linux-wireless/[email protected]/
CVE-2019-3845 (A lack of access control was found in the message queues
maintained by ...)
NOT-FOR-US: qpid dispatch router
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a72366fef7e8d75e600e9806dcedc2aa58a1c58
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a72366fef7e8d75e600e9806dcedc2aa58a1c58
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
