summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorReinhard Tartler <siretart@debian.org>2022-07-04 14:56:54 +0000
committerReinhard Tartler <siretart@debian.org>2022-07-04 14:56:54 +0000
commit9479ca4f07d4ba4b966a18d6c09b76b296671991 (patch)
tree7540348aa5dacc5828f5786d9390c3ede2e704e2
parentbb0585423195631856e527d83b0e26c7914b3f85 (diff)
parentf8887742470df76b533521cf383883b6618a39ee (diff)
Merge branch 'CVE-2019-25067' into 'master'
info about CVE-2019-25067 See merge request security-tracker-team/security-tracker!110
-rw-r--r--data/CVE/list7
1 files changed, 4 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list
index d9801f23dd..ff474ee511 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6656,12 +6656,13 @@ CVE-2019-25069 (A vulnerability, which was classified as problematic, has been f
CVE-2019-25068 (A vulnerability classified as critical was found in Axios Italia Axios ...)
NOT-FOR-US: Axios Italia Axios RE
CVE-2019-25067 (A vulnerability, which was classified as critical, was found in Podman ...)
- - libpod <undetermined>
+ - libpod 3.0.0+dfsg1-1
NOTE: https://vuldb.com/?id.143949
NOTE: https://www.exploit-db.com/exploits/47500
NOTE: exploit demo script on client uses Python podman code which is not in Debian
- NOTE: refers to old versions of remote code which were never uploaded to Debian
- NOTE: unclear if the issue was ever reported upstream, could be Fedora/RedHat specific
+ NOTE: refers to old versions of remote code which never made it to a Debian release
+ NOTE: issue probably present in all versions with varlink, starting 1.6.2+dfsg-1
+ NOTE: upstream (Fedora/RedHat) refuses to look into it: https://bugzilla.redhat.com/show_bug.cgi?id=2097496
CVE-2019-25066 (A vulnerability has been found in ajenti 2.1.31 and classified as crit ...)
- ajenti <itp> (bug #792019)
CVE-2019-25065 (A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy