Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e96ff8bb by Salvatore Bonaccorso at 2020-01-16T22:22:33+01:00 Update information on CVE-2019-20159 experimental version of gpac would be affected, but as unstable is not we do not explicitly track it now as the next upload to experimental will be rebased likely including the fix (so unstable will never be affected). Reference introducing commit for CVE-2019-20159. - - - - - 9c250d16 by Salvatore Bonaccorso at 2020-01-16T22:46:31+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4804,12 +4804,10 @@ CVE-2019-20160 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm NOTE: https://github.com/gpac/gpac/issues/1334 NOTE: https://github.com/gpac/gpac/commit/bcfcb3e90476692fe0d2bb532ea8deeb2a77580e CVE-2019-20159 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...) - - gpac <unfixed> - [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0) - [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0) - [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0) + - gpac <not-affected> (Vulnerable code introduced in 0.7.0) NOTE: https://github.com/gpac/gpac/issues/1321 - NOTE: https://github.com/gpac/gpac/commit/e4c1f09ab9618b6af3bec6b94b8b349f2d01dbf8 + NOTE: Introduced in: https://github.com/gpac/gpac/commit/261fab7f51479ae8b1732350d9d4cc456c4919af (v0.7.0) + NOTE: Fixed by: https://github.com/gpac/gpac/commit/e4c1f09ab9618b6af3bec6b94b8b349f2d01dbf8 CVE-2019-20158 RESERVED CVE-2019-20157 @@ -7331,7 +7329,7 @@ CVE-2019-20099 CVE-2019-20098 RESERVED CVE-2019-20097 (Bitbucket Server and Bitbucket Data Center versions starting from 1.0. ...) - TODO: check + NOT-FOR-US: Bitbucket Server and Bitbucket Data Center CVE-2019-20096 (In the Linux kernel before 5.1, there is a memory leak in __feat_regis ...) - linux 5.2.6-1 [jessie] - linux 3.16.72-1 @@ -14024,7 +14022,7 @@ CVE-2019-19280 CVE-2019-19279 RESERVED CVE-2019-19278 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...) - TODO: check + NOT-FOR-US: SINAMICS CVE-2019-19277 RESERVED CVE-2019-19276 @@ -28996,11 +28994,11 @@ CVE-2019-15014 (A command injection vulnerability exists in the Zingbox Inspecto CVE-2019-15013 (The WorkflowResource class removeStatus method in Jira before version ...) NOT-FOR-US: Atlassian CVE-2019-15012 (Bitbucket Server and Bitbucket Data Center from version 4.13. before 5 ...) - TODO: check + NOT-FOR-US: Bitbucket Server and Bitbucket Data Center CVE-2019-15011 (The ListEntityLinksServlet resource in Application Links before versio ...) NOT-FOR-US: Application Links CVE-2019-15010 (Bitbucket Server and Bitbucket Data Center versions starting from vers ...) - TODO: check + NOT-FOR-US: Bitbucket Server and Bitbucket Data Center CVE-2019-15009 (The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and ...) NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2019-15008 (The /plugins/servlet/branchreview resource in Atlassian Fisheye and Cr ...) @@ -38924,9 +38922,9 @@ CVE-2019-12000 CVE-2019-11999 RESERVED CVE-2019-11998 (HPE Superdome Flex Server is vulnerable to multiple remote vulnerabili ...) - TODO: check + NOT-FOR-US: HPE Superdome Flex Server CVE-2019-11997 (A potential security vulnerability has been identified in HPE enhanced ...) - TODO: check + NOT-FOR-US: HPE CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...) NOT-FOR-US: HPE CVE-2019-11995 (Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unaut ...) @@ -47053,7 +47051,7 @@ CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipul NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/ NOTE: https://github.com/nghttp2/nghttp2/releases/tag/v1.39.2 CVE-2019-9510 (A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2019-9509 RESERVED CVE-2019-9508 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b967ad692175d6a5dc5b8a4958e50abe1976a221...9c250d16845c6840822fb2e5b7346f57f371466f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b967ad692175d6a5dc5b8a4958e50abe1976a221...9c250d16845c6840822fb2e5b7346f57f371466f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits