[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-10219,hibernate-validator: Reference fixing commit

Sun, 05 Jan 2020 10:14:12 -0800 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
70ace504 by Markus Koschany at 2020-01-05T18:43:40+01:00
CVE-2019-10219,hibernate-validator: Reference fixing commit

- - - - -
30b3d65a by Markus Koschany at 2020-01-05T19:12:38+01:00
CVE-2019-10219,libhibernate-validator-java: Jessie, Stretch and Buster are not

affected.

Vulnerable code was introduced later.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39976,9 +39976,12 @@ CVE-2019-10221
 CVE-2019-10220 (Linux kernel CIFS implementation, version 4.9.0 is vulnerable 
to a rel ...)
        - linux 5.3.9-1
 CVE-2019-10219 (A vulnerability was found in Hibernate-Validator. The SafeHtml 
validat ...)
-       - libhibernate-validator-java <undetermined>
+       - libhibernate-validator-java
+       [buster] - libhibernate-validator-java <not-affected> (Vulnerable code 
was introduced later.)
+       [stretch] - libhibernate-validator-java <not-affected> (Vulnerable code 
was introduced later.)
+       [jessie] - libhibernate-validator-java <not-affected> (Vulnerable code 
was introduced later.)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1738673
-       TODO: 20190910: Asked for more information in #1738673. (apo)
+       NOTE: Fixed by 
https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee
 CVE-2019-10218 (A flaw was found in the samba client, all samba versions 
before samba  ...)
        - samba 2:4.11.1+dfsg-2
        [buster] - samba <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c7cffec1db839e2965c7610faa09567b6e9b99ca...30b3d65ab45db793565b9a37ec6756fe6515dd51

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c7cffec1db839e2965c7610faa09567b6e9b99ca...30b3d65ab45db793565b9a37ec6756fe6515dd51
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to