Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0a6ac3f4 by Salvatore Bonaccorso at 2019-06-14T20:37:59Z
Add fixed version for CVE-2019-543{5,6}/curl via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19322,12 +19322,12 @@ CVE-2019-5437 (Information exposure through the
directory listing in npm's harp
NOT-FOR-US: npm harp module
CVE-2019-5436 (A heap buffer overflow in the TFTP receiving code allows for
DoS or ar ...)
{DLA-1804-1}
- - curl <unfixed> (bug #929351)
+ - curl 7.64.0-4 (bug #929351)
NOTE: https://curl.haxx.se/docs/CVE-2019-5436.html
NOTE: Introduced by: https://github.com/curl/curl/commit/0516ce7786e95
NOTE: Fixed by:
https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275
CVE-2019-5435 (An integer overflow in curl's URL API results in a buffer
overflow in ...)
- - curl <unfixed> (bug #929352)
+ - curl 7.64.0-4 (bug #929352)
[stretch] - curl <not-affected> (Vulnerable code introduced later)
[jessie] - curl <not-affected> (Vulnerable code introduced later)
NOTE: https://curl.haxx.se/docs/CVE-2019-5435.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0a6ac3f41bc75f202394e2ccaf868ae39132e2dd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0a6ac3f41bc75f202394e2ccaf868ae39132e2dd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
