Andrej Shadura pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5556b6eb by Andrej Shadura at 2019-01-15T11:57:18Z
Add details for CVE-2019-5885
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -906,9 +906,10 @@ CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. In
the UnlinkDir method
NOT-FOR-US: ShopXO
CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the ...)
NOT-FOR-US: ShopXO
-CVE-2019-5885
+CVE-2019-5885 [Synapse: Blindly trusts macaroon_secret_key in the config,
which may not be a valid macaroon]
RESERVED
- matrix-synapse 0.34.1.1-1
+ - matrix-synapse 0.34.0-3~bpo9+2
NOTE:
https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
CVE-2019-5884 (php/elFinder.class.php in elFinder before 2.1.45 leaks
information if ...)
NOT-FOR-US: elFinder
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5556b6eb6744b9b9a883d338fa7bb57044cf8dc4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5556b6eb6744b9b9a883d338fa7bb57044cf8dc4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
