Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2344f3af by Moritz Muehlenhoff at 2019-06-15T21:01:36Z
buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -71,6 +71,8 @@ CVE-2019-12803
RESERVED
CVE-2019-12802 (In radare2 through 3.5.1, the rcc_context function of
libr/egg/egg_lan ...)
- radare2 <unfixed> (bug #930510)
+ [buster] - radare2 <no-dsa> (Minor issue)
+ [stretch] - radare2 <no-dsa> (Minor issue)
NOTE: https://github.com/radare/radare2/issues/14296
CVE-2019-12801
RESERVED
@@ -6591,10 +6593,12 @@ CVE-2019-10161
RESERVED
CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in
python since ...)
- python3.7 <unfixed>
+ [buster] - python3.7 <no-dsa> (Minor issue)
- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not
applied)
- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not
applied)
- python3.4 <not-affected> (Incomplete fix for CVE-2019-9636 not
applied)
- python2.7 <unfixed>
+ [buster] - python2.7 <no-dsa> (Minor issue)
[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636
not applied)
NOTE: Introduced by:
https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3
(v3.8.0a4)
NOTE: Fixed by:
https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e
(v3.8.0b1)
@@ -6952,6 +6956,7 @@ CVE-2019-10045 (The "action" get_sess_id in the web
application of Pydio through
- ajaxplorer <itp> (bug #668381)
CVE-2019-10044 (Telegram Desktop before 1.5.12 on Windows, and the Telegram
applicatio ...)
- telegram-desktop <unfixed> (bug #927711)
+ [buster] - telegram-desktop <no-dsa> (Minor issue)
NOTE:
https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt
CVE-2019-10043
RESERVED
@@ -7157,10 +7162,12 @@ CVE-2019-9948 (urllib in Python 2.x through 2.7.16
supports the local_file: sche
NOTE: https://github.com/python/cpython/pull/11842
CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16
and ur ...)
- python3.7 <unfixed>
+ [buster] - python3.7 <no-dsa> (Minor issue)
- python3.6 <removed>
- python3.5 <removed>
- python3.4 <removed>
- python2.7 <unfixed>
+ [buster] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue35906
NOTE: Introduced by:
https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262
CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container
Networking Int ...)
@@ -8519,10 +8526,12 @@ CVE-2019-9741 (An issue was discovered in net/http in
Go 1.11.5. CRLF injection
NOTE:
https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16
and ur ...)
- python3.7 <unfixed>
+ [buster] - python3.7 <no-dsa> (Minor issue)
- python3.6 <removed>
- python3.5 <removed>
- python3.4 <removed>
- python2.7 <unfixed>
+ [buster] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue36276
NOTE: https://bugs.python.org/issue30458
CVE-2019-9739
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
