summaryrefslogtreecommitdiffstats
path: root/data/CVE/list
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-01-30 12:48:18 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-01-30 12:50:09 +0100
commite0b1aa47df2cfbd319419bffb8041db2a195a98e (patch)
tree1a31dd842e73e652a29d3d32122d21f117cb50e3 /data/CVE/list
parent145d50d974fc43a37171606ba9c3c3d8c5f2271e (diff)
Adjust tracking of CVE-2019-9143 and CVE-2019-9144
The issues until some time ago only ever affected experimental, but then a 0.27.2 based version was uploaded to unstable moving the vulnerable state there. Adjust tracking and mark the fixed version first in unstable as 0.27.2-8.
Diffstat (limited to 'data/CVE/list')
-rw-r--r--data/CVE/list12
1 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b6370d4774..916d659717 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -50966,12 +50966,16 @@ CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to ob
CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability ...)
NOT-FOR-US: Hsycms
CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
- [experimental] - exiv2 <unfixed> (low; bug #923473)
- - exiv2 <not-affected> (Vulnerable code introduced later)
+ - exiv2 0.27.2-8 (low; bug #923473)
+ [buster] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/712
CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
- [experimental] - exiv2 <unfixed> (low; bug #923472)
- - exiv2 <not-affected> (Vulnerable code introduced later)
+ - exiv2 0.27.2-8 (low; bug #923472)
+ [buster] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/711
CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...)
NOT-FOR-US: b3log Symphony (aka Sym)

© 2014-2024 Faster IT GmbH | imprint | privacy policy