Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8122eafd by Salvatore Bonaccorso at 2019-03-22T07:54:41Z
Correct association of morgan node module issue
I swapped wrongly the CVE identifier for the morgan node.js module which
is CVE-2019-5413 actually and CVE-2019-3830 is for ceilometer.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11595,7 +11595,7 @@ CVE-2019-5415 (A bug in handling the ignore files and
directories feature in ser
CVE-2019-5414 (If an attacker can control the port, which in itself is a very
sensiti ...)
TODO: check
CVE-2019-5413 (An attacker can use the format parameter to inject arbitrary
commands ...)
- TODO: check
+ NOT-FOR-US: morgan node module
CVE-2019-5412
RESERVED
CVE-2019-5411
@@ -14869,7 +14869,6 @@ CVE-2019-3831
- vdsm <itp> (bug #668538)
CVE-2019-3830
RESERVED
- NOT-FOR-US: morgan node module
CVE-2019-3829
RESERVED
CVE-2019-3828 [path traversal in the fetch module]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8122eafda7c22e324ed07af55d2dd552df32792a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8122eafda7c22e324ed07af55d2dd552df32792a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
