Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 21dd1eca by Moritz Muehlenhoff at 2019-09-27T22:00:19Z new chromium issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -6045,7 +6045,9 @@ CVE-2019-14809 (net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles - golang-1.12 1.12.8-1 - golang-1.11 1.11.13-1 - golang-1.8 <removed> + [stretch] - golang-1.8 <ignored> (Minor issue) - golang-1.7 <removed> + [stretch] - golang-1.7 <ignored> (Minor issue) - golang <removed> [jessie] - golang <ignored> (Fix too invasive to backport, url.go file in jessie too far behind upstream) NOTE: Issue: https://github.com/golang/go/issues/29098 @@ -9411,8 +9413,10 @@ CVE-2019-13693 RESERVED CVE-2019-13692 RESERVED + - chromium <unfixed> CVE-2019-13691 RESERVED + - chromium <unfixed> CVE-2019-13690 RESERVED CVE-2019-13689 @@ -9433,54 +9437,78 @@ CVE-2019-13684 RESERVED CVE-2019-13683 RESERVED + - chromium <unfixed> CVE-2019-13682 RESERVED + - chromium <unfixed> CVE-2019-13681 RESERVED + - chromium <unfixed> CVE-2019-13680 RESERVED + - chromium <unfixed> CVE-2019-13679 RESERVED + - chromium <unfixed> CVE-2019-13678 RESERVED + - chromium <unfixed> CVE-2019-13677 RESERVED + - chromium <unfixed> CVE-2019-13676 RESERVED + - chromium <unfixed> CVE-2019-13675 RESERVED + - chromium <unfixed> CVE-2019-13674 RESERVED + - chromium <unfixed> CVE-2019-13673 RESERVED + - chromium <unfixed> CVE-2019-13672 RESERVED CVE-2019-13671 RESERVED + - chromium <unfixed> CVE-2019-13670 RESERVED + - chromium <unfixed> CVE-2019-13669 RESERVED + - chromium <unfixed> CVE-2019-13668 RESERVED + - chromium <unfixed> CVE-2019-13667 RESERVED + - chromium <unfixed> CVE-2019-13666 RESERVED + - chromium <unfixed> CVE-2019-13665 RESERVED + - chromium <unfixed> CVE-2019-13664 RESERVED + - chromium <unfixed> CVE-2019-13663 RESERVED + - chromium <unfixed> CVE-2019-13662 RESERVED + - chromium <unfixed> CVE-2019-13661 RESERVED + - chromium <unfixed> CVE-2019-13660 RESERVED + - chromium <unfixed> CVE-2019-13659 RESERVED + - chromium <unfixed> CVE-2019-13658 RESERVED CVE-2019-13657 @@ -31953,28 +31981,40 @@ CVE-2019-5883 (An Incorrect Access Control issue was discovered in GitLab Commun NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/ CVE-2019-5881 RESERVED + - chromium <unfixed> CVE-2019-5880 RESERVED + - chromium <unfixed> CVE-2019-5879 RESERVED + - chromium <unfixed> CVE-2019-5878 RESERVED + - chromium <unfixed> CVE-2019-5877 RESERVED + - chromium <unfixed> CVE-2019-5876 RESERVED + - chromium <unfixed> CVE-2019-5875 RESERVED + - chromium <unfixed> CVE-2019-5874 RESERVED + - chromium <unfixed> CVE-2019-5873 RESERVED + - chromium <unfixed> CVE-2019-5872 RESERVED + - chromium <unfixed> CVE-2019-5871 RESERVED + - chromium <unfixed> CVE-2019-5870 RESERVED + - chromium <unfixed> CVE-2019-5869 RESERVED - chromium <unfixed> @@ -55164,14 +55204,12 @@ CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1. NOTE: https://github.com/golang/go/issues/29233 NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3) NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6) - TODO: check other versions CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...) - golang-1.11 1.11.3-1 - golang-1.10 1.10.6-1 NOTE: https://github.com/golang/go/issues/29231 NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3) NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6) - TODO: check other versions CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...) - golang-1.11 1.11.3-1 - golang-1.10 1.10.6-1 @@ -55180,7 +55218,6 @@ CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" comma NOTE: https://github.com/golang/go/commit/5aedc8af94c0a8ffc58cbd09993192dea9b238db (1.11.3) NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6) NOTE: https://github.com/golang/go/commit/7ef6ee2c5727f0d11206b4d1866c18e6ab4785be (1.10.6) - TODO: check other versions CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The code openi ...) {DSA-4454-1 DLA-1694-1} - qemu 1:3.1+dfsg-2 (bug #916397) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21dd1eca52ca7af45fbb2fe764830df6a277eb05 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21dd1eca52ca7af45fbb2fe764830df6a277eb05 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits