diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-30 12:48:18 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-30 12:50:09 +0100 |
commit | 50bc27ce54b5d70daf38cde9022454af555e1c7c (patch) | |
tree | 71caf42e226e6347fac7bf2b59416da8a1111fa6 /data/CVE/2019.list | |
parent | c4a648479c804e52739167cd2c4eb496715fa310 (diff) |
Adjust tracking of CVE-2019-9143 and CVE-2019-9144
The issues until some time ago only ever affected experimental, but then
a 0.27.2 based version was uploaded to unstable moving the vulnerable
state there. Adjust tracking and mark the fixed version first in
unstable as 0.27.2-8.
Diffstat (limited to 'data/CVE/2019.list')
-rw-r--r-- | data/CVE/2019.list | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index b6b99b9556..a9bcc0d632 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -30247,12 +30247,16 @@ CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to ob CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability ...) NOT-FOR-US: Hsycms CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...) - [experimental] - exiv2 <unfixed> (low; bug #923473) - - exiv2 <not-affected> (Vulnerable code introduced later) + - exiv2 0.27.2-8 (low; bug #923473) + [buster] - exiv2 <not-affected> (Vulnerable code introduced later) + [stretch] - exiv2 <not-affected> (Vulnerable code introduced later) + [jessie] - exiv2 <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/Exiv2/exiv2/issues/712 CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at ...) - [experimental] - exiv2 <unfixed> (low; bug #923472) - - exiv2 <not-affected> (Vulnerable code introduced later) + - exiv2 0.27.2-8 (low; bug #923472) + [buster] - exiv2 <not-affected> (Vulnerable code introduced later) + [stretch] - exiv2 <not-affected> (Vulnerable code introduced later) + [jessie] - exiv2 <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/Exiv2/exiv2/issues/711 CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...) NOT-FOR-US: b3log Symphony (aka Sym) |