diff options
| author | Markus Koschany <apo@debian.org> | 2019-07-17 02:42:14 +0200 |
|---|---|---|
| committer | Markus Koschany <apo@debian.org> | 2019-07-17 02:42:14 +0200 |
| commit | b21461aee2a89ffd1988e8aa314342adc72ae097 (patch) | |
| tree | 31a7f038af854167124950355f94816d8f6bab62 /data | |
| parent | 53274837e1fed66c197bb28f96f7d663bd0656ee (diff) | |
CVE-2019-13225,libonig: Jessie is not affected.
The vulnerable code was introduced later. This was confirmed by upstream in
https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c#commitcomment-34298393
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 793631a6fc..ac655edb41 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1893,6 +1893,7 @@ CVE-2019-13225 (A NULL Pointer Dereference in match_at() in regexec.c in Oniguru - libonig 6.9.2-1 (low; bug #931878) [buster] - libonig <no-dsa> (Minor issue) [stretch] - libonig <no-dsa> (Minor issue) + [jessie] - libonig <not-affected> (vulnerable code was introduced later) NOTE: https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c CVE-2019-13224 (A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ...) - libonig 6.9.2-1 (low; bug #931878) |