Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f0a195bb by Salvatore Bonaccorso at 2019-11-26T20:56:22Z Track two new freeipa issues Unfortunately the respective Red Hat Bugzilla entries are kept private at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14867 and https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10195 but for the fixed version via unstable trusting here the maintainer to have got it right. Thus start tracking those two new CVEs and search for details. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -15010,6 +15010,7 @@ CVE-2019-14868 RESERVED CVE-2019-14867 RESERVED + - freeipa 4.8.3-1 CVE-2019-14866 [improper input validation when writing tar header fields leads to unexpect tar generation] RESERVED {DLA-1981-1} @@ -29326,6 +29327,7 @@ CVE-2019-10196 NOT-FOR-US: nodejs-http-proxy-agent CVE-2019-10195 RESERVED + - freeipa 4.8.3-1 CVE-2019-10194 (Sensitive passwords used in deployment and configuration of oVirt Metr ...) NOT-FOR-US: ovirt-engine-metrics CVE-2019-10193 (A stack-buffer overflow vulnerability was found in the Redis hyperlogl ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0a195bb7425c80a29a7044db3feaf485a9959d1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0a195bb7425c80a29a7044db3feaf485a9959d1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits