Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 687aaa22 by Moritz Muehlenhoff at 2019-08-22T06:28:28Z pump removed libzstd n/a for oldstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1935,7 +1935,7 @@ CVE-2019-14654 (In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users au CVE-2018-20954 (The "Security and Privacy" Encryption feature in Mailpile before 1.0.0 ...) NOT-FOR-US: Mailpile CVE-2019-XXXX [Buffer overflow during processing of large server replies] - - pump <unfixed> (bug #933674) + - pump <removed> (bug #933674) CVE-2019-14653 (pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP e ...) NOT-FOR-US: pandao Editor.md CVE-2019-14652 @@ -10407,6 +10407,7 @@ CVE-2019-11923 RESERVED CVE-2019-11922 (A race condition in the one-pass compression functions of Zstandard pr ...) - libzstd 1.3.8+dfsg-2 + [stretch] - libzstd <not-affected> (Vulnerable code not present) NOTE: https://github.com/facebook/zstd/commit/3e5cdf1b6a85843e991d7d10f6a2567c15580da0 CVE-2019-11921 (An out of bounds write is possible via a specially crafted packet in c ...) NOT-FOR-US: Proxygen View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/687aaa22994a5d13c34cac66ac213da0bb6a6dd5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/687aaa22994a5d13c34cac66ac213da0bb6a6dd5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits