Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d439990 by Salvatore Bonaccorso at 2019-12-04T08:10:52Z
Add fixed version for CVE-2019-11745/nss
- - - - -
815d8a01 by Salvatore Bonaccorso at 2019-12-04T08:11:17Z
Merge remote-tracking branch 'origin/master'
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26383,7 +26383,7 @@ CVE-2019-11746 (A use-after-free vulnerability can
occur while manipulating vide
CVE-2019-11745 [Out-of-bounds write when passing an output buffer smaller than
the block size to NSC_EncryptUpdate]
RESERVED
{DLA-2008-1}
- - nss <unfixed>
+ - nss 2:3.47.1-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1586176 (not public)
NOTE: Upstream patch:
https://hg.mozilla.org/releases/mozilla-esr68/rev/ea1bc0fb2dda
NOTE: Fixed in 3.44.3 and 3.47.1 upstream.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/3c77997f5c4f17b82a5b59c54c56851e4ec07434...815d8a0186321003866240f15679c6ae19cd4d74
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/3c77997f5c4f17b82a5b59c54c56851e4ec07434...815d8a0186321003866240f15679c6ae19cd4d74
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
