[Git][security-tracker-team/security-tracker][master] new chromium issues

Fri, 27 Sep 2019 15:01:18 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
21dd1eca by Moritz Muehlenhoff at 2019-09-27T22:00:19Z
new chromium issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6045,7 +6045,9 @@ CVE-2019-14809 (net/url in Go before 1.11.13 and 1.12.x 
before 1.12.8 mishandles
        - golang-1.12 1.12.8-1
        - golang-1.11 1.11.13-1
        - golang-1.8 <removed>
+       [stretch] - golang-1.8 <ignored> (Minor issue)
        - golang-1.7 <removed>
+       [stretch] - golang-1.7 <ignored> (Minor issue)
        - golang <removed>
        [jessie] - golang <ignored> (Fix too invasive to backport, url.go file 
in jessie too far behind upstream)
        NOTE: Issue: https://github.com/golang/go/issues/29098
@@ -9411,8 +9413,10 @@ CVE-2019-13693
        RESERVED
 CVE-2019-13692
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13691
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13690
        RESERVED
 CVE-2019-13689
@@ -9433,54 +9437,78 @@ CVE-2019-13684
        RESERVED
 CVE-2019-13683
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13682
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13681
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13680
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13679
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13678
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13677
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13676
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13675
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13674
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13673
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13672
        RESERVED
 CVE-2019-13671
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13670
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13669
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13668
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13667
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13666
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13665
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13664
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13663
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13662
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13661
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13660
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13659
        RESERVED
+       - chromium <unfixed>
 CVE-2019-13658
        RESERVED
 CVE-2019-13657
@@ -31953,28 +31981,40 @@ CVE-2019-5883 (An Incorrect Access Control issue was 
discovered in GitLab Commun
        NOTE: 
https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
 CVE-2019-5881
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5880
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5879
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5878
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5877
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5876
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5875
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5874
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5873
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5872
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5871
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5870
        RESERVED
+       - chromium <unfixed>
 CVE-2019-5869
        RESERVED
        - chromium <unfixed>
@@ -55164,14 +55204,12 @@ CVE-2018-16875 (The crypto/x509 package of Go before 
1.10.6 and 1.11.x before 1.
        NOTE: https://github.com/golang/go/issues/29233
        NOTE: 
https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 
(1.11.3)
        NOTE: 
https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d 
(1.10.6)
-       TODO: check other versions
 CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" 
command is  ...)
        - golang-1.11 1.11.3-1
        - golang-1.10 1.10.6-1
        NOTE: https://github.com/golang/go/issues/29231
        NOTE: 
https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f 
(1.11.3)
        NOTE: 
https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 
(1.10.6)
-       TODO: check other versions
 CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" 
command is  ...)
        - golang-1.11 1.11.3-1
        - golang-1.10 1.10.6-1
@@ -55180,7 +55218,6 @@ CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 
1.11.3, the "go get" comma
        NOTE: 
https://github.com/golang/go/commit/5aedc8af94c0a8ffc58cbd09993192dea9b238db 
(1.11.3)
        NOTE: 
https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 
(1.10.6)
        NOTE: 
https://github.com/golang/go/commit/7ef6ee2c5727f0d11206b4d1866c18e6ab4785be 
(1.10.6)
-       TODO: check other versions
 CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The 
code openi ...)
        {DSA-4454-1 DLA-1694-1}
        - qemu 1:3.1+dfsg-2 (bug #916397)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21dd1eca52ca7af45fbb2fe764830df6a277eb05

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21dd1eca52ca7af45fbb2fe764830df6a277eb05
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to