diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2019-10-29 08:47:28 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2019-10-29 08:47:28 +0100 |
| commit | b1be5fdf265ddd61d147d1c649338a84c2ca5b74 (patch) | |
| tree | 253ba310532e56e3c33bfe10278e54d04c5b0258 /data | |
| parent | b100a599d4e5e33efb4c419601723fcc676869d9 (diff) | |
new cpio issue
ansible fixed
add additional references for PHP FPM issue
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/data/CVE/list b/data/CVE/list index 947b4e7c8d..0b93a16999 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -10958,11 +10958,13 @@ CVE-2019-14867 RESERVED CVE-2019-14866 RESERVED + - cpio <unfixed> + NOTE: https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html CVE-2019-14865 RESERVED CVE-2019-14864 RESERVED - - ansible <unfixed> (low) + - ansible 2.8.6+dfsg-1 (low) NOTE: https://github.com/ansible/ansible/issues/63522 NOTE: https://github.com/ansible/ansible/pull/63527 CVE-2019-14863 @@ -10991,7 +10993,7 @@ CVE-2019-14859 [DER encoding is not being verified in signatures] NOTE: https://github.com/warner/python-ecdsa/pull/124 NOTE: Fix for CVE-2019-14853 fixes as well CVE-2019-14859. CVE-2019-14858 (A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible ...) - - ansible <unfixed> (bug #942332) + - ansible 2.8.6+dfsg-1 (bug #942332) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760593 NOTE: https://github.com/ansible/ansible/pull/63405 CVE-2019-14857 @@ -11050,7 +11052,7 @@ CVE-2019-14848 CVE-2019-14847 RESERVED CVE-2019-14846 (Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ...) - - ansible <unfixed> (low; bug #942188) + - ansible 2.8.6+dfsg-1 (low; bug #942188) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1755373 NOTE: https://github.com/ansible/ansible/pull/63366 CVE-2019-14845 (A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. ...) @@ -22893,6 +22895,8 @@ CVE-2019-11043 (In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x - php5 <removed> NOTE: Fixed in PHP 7.3.11, 7.2.24 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78599 + NOTE: https://www.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx + NOTE: http://git.php.net/?p=php-src.git;a=commit;h=ab061f95ca966731b1c84cf5b7b20155c0a1c06a CVE-2019-11042 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...) {DSA-4529-1 DSA-4527-1 DLA-1878-1} - php7.3 7.3.8-1 @@ -25010,7 +25014,7 @@ CVE-2019-10218 RESERVED CVE-2019-10217 RESERVED - - ansible <unfixed> (bug #934128) + - ansible 2.8.6+dfsg-1 (bug #934128) [buster] - ansible <not-affected> (Vulnerable code introduced later) [stretch] - ansible <not-affected> (Vulnerable code introduced later) [jessie] - ansible <not-affected> (vulnerable code introduced later) @@ -25074,7 +25078,7 @@ CVE-2019-14856 [Incomplete fix for CVE-2019-10206] NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829 CVE-2019-10206 [disclosure data when prompted for password and template characters are passed] RESERVED - - ansible <unfixed> (bug #933005) + - ansible 2.8.6+dfsg-1 (bug #933005) [buster] - ansible <no-dsa> (Minor issue) [stretch] - ansible <no-dsa> (Minor issue) [jessie] - ansible <no-dsa> (Minor issue) |