summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-01-30 12:48:18 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-01-30 12:50:09 +0100
commit5a24cd4871d103d14cff162151d67e45c3db08ba (patch)
tree4d522f4d32485b9758d21ae7fb493653f842fd5e
parentacf116e3087ede828ee9cd309fa1ae7143817028 (diff)
Adjust tracking of CVE-2019-9143 and CVE-2019-9144
The issues until some time ago only ever affected experimental, but then a 0.27.2 based version was uploaded to unstable moving the vulnerable state there. Adjust tracking and mark the fixed version first in unstable as 0.27.2-8.
-rw-r--r--data/CVE/list.201912
1 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index b6b99b9556..a9bcc0d632 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -30247,12 +30247,16 @@ CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to ob
CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability ...)
NOT-FOR-US: Hsycms
CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
- [experimental] - exiv2 <unfixed> (low; bug #923473)
- - exiv2 <not-affected> (Vulnerable code introduced later)
+ - exiv2 0.27.2-8 (low; bug #923473)
+ [buster] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/712
CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...)
- [experimental] - exiv2 <unfixed> (low; bug #923472)
- - exiv2 <not-affected> (Vulnerable code introduced later)
+ - exiv2 0.27.2-8 (low; bug #923472)
+ [buster] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
+ [jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/Exiv2/exiv2/issues/711
CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...)
NOT-FOR-US: b3log Symphony (aka Sym)

© 2014-2024 Faster IT GmbH | imprint | privacy policy