diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-02 21:42:38 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-02 21:42:38 +0100 |
| commit | 4e44c8d6bf75fcb827aa1686a960df57feb69135 (patch) | |
| tree | c806c86a1d34845a7816bc7944ae4a0bcdef2384 | |
| parent | ee9e0aa677188324906500b09f40e52831ddb084 (diff) | |
Track fixes for sphinxsearch via unstable
| -rw-r--r-- | data/CVE/list.2019 | 2 | ||||
| -rw-r--r-- | data/CVE/list.2020 | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 50f465ada7..da9f35c009 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -16871,7 +16871,7 @@ CVE-2019-14513 (Improper bounds checking in Dnsmasq before 2.76 allows an attack CVE-2019-14512 (LimeSurvey 3.17.7+190627 has XSS via Boxes in application/extensions/P ...) - limesurvey <itp> (bug #472802) CVE-2019-14511 (Sphinx Technologies Sphinx 3.1.1 by default has no authentication and ...) - - sphinxsearch <unfixed> (unimportant; bug #939762) + - sphinxsearch 2.2.11-4 (unimportant; bug #939762) NOTE: Issue is just with the default configuration, but can be easily reconfigured NOTE: to listen on localhost only. sphinxsearch will not be started automatically NOTE: and an admin needs first to create anyway a /etc/sphinxsearch/sphinx.conf diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index e65887ca97..19c9dd4d71 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -4978,8 +4978,10 @@ CVE-2020-29052 RESERVED CVE-2020-29051 RESERVED -CVE-2020-29050 +CVE-2020-29050 [arbitrary file reads by scattered file snippets] RESERVED + - sphinxsearch 2.2.11-3 + NOTE: Backported for sphinxsearch from: https://github.com/manticoresoftware/manticoresearch/commit/66b5761ad258c60b1866a8e1333f86e74f48035 CVE-2020-29049 RESERVED CVE-2020-29048 |