[Git][security-tracker-team/security-tracker][master] new vlc issue fixed already

Moritz Muehlenhoff Wed, 19 Jun 2019 06:48:24 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
769cefc7 by Moritz Muehlenhoff at 2019-06-19T13:47:31Z
new vlc issue fixed already
mysql 5.7 fixed

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2019-12876
 CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged 
member of the ...)
        TODO: check
 CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in 
modules/demux/mkv/ ...)
-       - vlc <unfixed>
+       - vlc 3.0.7-1
        [jessie] - vlc <end-of-life> 
(https://lists.debian.org/debian-security-announce/2018/msg00130.html)
        NOTE: 
http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
 CVE-2019-12873
@@ -1075,8 +1075,8 @@ CVE-2019-12436 [Samba AD DC LDAP server crash (paged 
searches)]
 CVE-2019-12435 [Samba AD DC Denial of Service in DNS management server 
(dnsserver)]
        RESERVED
        - samba <unfixed>
-       [stretch] - samba <not-affected> (Only affects Samba codebasis since 
4.9 and 4.10)
-       [jessie] - samba <not-affected> (Only affects Samba codebasis since 4.9 
and 4.10)
+       [stretch] - samba <not-affected> (Only affects Samba since 4.9)
+       [jessie] - samba <not-affected> (Only affects Samba since 4.9)
        NOTE: https://www.samba.org/samba/security/CVE-2019-12435.html
 CVE-2019-12434 [Private Project Discovery via Comment Links]
        RESERVED
@@ -27064,7 +27064,7 @@ CVE-2019-2684 (Vulnerability in the Java SE, Java SE 
Embedded component of Oracl
        - openjdk-8 8u212-b03-1
        - openjdk-11 11.0.3+7-1
 CVE-2019-2683 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2682 (Vulnerability in the Oracle Applications Framework component of 
Oracle ...)
        NOT-FOR-US: Oracle
@@ -27172,7 +27172,7 @@ CVE-2019-2634 (Vulnerability in the MySQL Server 
component of Oracle MySQL (subc
 CVE-2019-2633 (Vulnerability in the Oracle Work in Process component of Oracle 
E-Busi ...)
        NOT-FOR-US: Oracle
 CVE-2019-2632 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2631 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
        - mysql-5.7 <not-affected> (Only affects MySQL 8)
@@ -27182,7 +27182,7 @@ CVE-2019-2629 (Vulnerability in the Oracle Health 
Sciences Data Management Workb
        NOT-FOR-US: Oracle
 CVE-2019-2628 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
        - mariadb-10.3 1:10.3.15-1 (bug #928393)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
        NOTE: Fixed in MariaDB: 10.3.15
 CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
@@ -27191,7 +27191,7 @@ CVE-2019-2627 (Vulnerability in the MySQL Server 
component of Oracle MySQL (subc
        [stretch] - mariadb-10.1 <no-dsa> (Minor issue)
        - mariadb-10.0 <removed>
        [jessie] - mariadb-10.0 <postponed> (Minor issue)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
        NOTE: Fixed in MariaDB: 10.3.15, 10.1.39
 CVE-2019-2626 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
@@ -27224,7 +27224,7 @@ CVE-2019-2614 (Vulnerability in the MySQL Server 
component of Oracle MySQL (subc
        [stretch] - mariadb-10.1 <no-dsa> (Minor issue)
        - mariadb-10.0 <removed>
        [jessie] - mariadb-10.0 <postponed> (Minor issue)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
        NOTE: Fixed in MariaDB 10.3.15, 10.1.39
 CVE-2019-2613 (Vulnerability in the Oracle Outside In Technology component of 
Oracle  ...)
@@ -27273,7 +27273,7 @@ CVE-2019-2594 (Vulnerability in the PeopleSoft 
Enterprise PT PeopleTools compone
 CVE-2019-2593 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
        - mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2019-2592 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2591 (Vulnerability in the PeopleSoft Enterprise HRMS component of 
Oracle Pe ...)
        NOT-FOR-US: Oracle
@@ -27296,7 +27296,7 @@ CVE-2019-2583 (Vulnerability in the Oracle iSupplier 
Portal component of Oracle
 CVE-2019-2582 (Vulnerability in the Core RDBMS component of Oracle Database 
Server. S ...)
        NOT-FOR-US: Oracle
 CVE-2019-2581 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2580 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
        - mysql-5.7 <not-affected> (Only affects MySQL 8)
@@ -27328,7 +27328,7 @@ CVE-2019-2568 (Vulnerability in the Oracle WebLogic 
Server component of Oracle F
 CVE-2019-2567 (Vulnerability in the Oracle Configurator component of Oracle 
Supply Ch ...)
        NOT-FOR-US: Oracle
 CVE-2019-2566 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
-       - mysql-5.7 <unfixed> (bug #927308)
+       - mysql-5.7 5.7.26-1 (bug #927308)
        NOTE: 
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
 CVE-2019-2565 (Vulnerability in the JD Edwards World Technical Foundation 
component o ...)
        NOT-FOR-US: Oracle


=====================================
data/DSA/list
=====================================
@@ -23,7 +23,7 @@
        {CVE-2019-11358 CVE-2019-12466 CVE-2019-12467 CVE-2019-12468 
CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 
CVE-2019-12474}
        [stretch] - mediawiki 1:1.27.7-1~deb9u1
 [12 Jun 2019] DSA-4459-1 vlc - security update
-       {CVE-2019-5439}
+       {CVE-2019-5439 CVE-2019-12874}
        [stretch] - vlc 3.0.7-0+deb9u1
 [08 Jun 2019] DSA-4458-1 cyrus-imapd - security update
        {CVE-2019-11356}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/769cefc7c93c792c2fe5209c88c369a80186cace

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/769cefc7c93c792c2fe5209c88c369a80186cace
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new vlc issue fixed already

Reply via email to