Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 70393f1f by Moritz Muehlenhoff at 2019-10-28T16:34:37Z additional ATS HTTP/2 issue has been clarified - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== @@ -25158,8 +25158,7 @@ CVE-2019-10080 RESERVED CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...) - trafficserver 8.0.5+ds-1 - NOTE: The reference listed is for Tomcat, hard to tell what this is about - NOTE: Pinged MITRE for fixing the reference + NOTE: https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...) - jspwiki <removed> CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS vulnerability ...) ===================================== data/DSA/list ===================================== @@ -116,7 +116,7 @@ {CVE-2019-13139 CVE-2019-13509 CVE-2019-14271} [buster] - docker.io 18.09.1+dfsg1-7.1+deb10u1 [09 Sep 2019] DSA-4520-1 trafficserver - security update - {CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518} + {CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518 CVE-2019-10079} [buster] - trafficserver 8.0.2+ds-1+deb10u1 [08 Sep 2019] DSA-4519-1 libreoffice - security update {CVE-2019-9854} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70393f1faeaae14fdb1305e75edf65be1c2d5a2a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70393f1faeaae14fdb1305e75edf65be1c2d5a2a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits