Add CVE-2019-11939/thrift

author: Salvatore Bonaccorso <carnil@debian.org> 2020-04-01 08:35:31 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-04-01 08:35:31 +0200
commit: 7db44ca35839f2c6a0102902a299b9fa9c843fc2 (patch)
tree: 343fac4275761ddd09a2231d183294945e6dfa48 /data/CVE/2019.list
parent: b1f6373cec09e82b788c95780dc6a11ccb2d7914 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index fc8b6dda68..646b8afc52 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -22398,7 +22398,8 @@ CVE-2019-11941 (A remote code execution vulnerability was identified in HPE Inte
 CVE-2019-11940 (In the course of decompressing HPACK inside the HTTP2 protocol, an une ...)
 	NOT-FOR-US: Facebook Proxygen
 CVE-2019-11939 (Golang Facebook Thrift servers would not error upon receiving messages ...)
-	TODO: check
+	- thrift <unfixed>
+	NOTE: https://github.com/facebook/fbthrift/commit/483ed864d69f307e9e3b9dadec048216100c0757
 CVE-2019-11938 (Java Facebook Thrift servers would not error upon receiving messages d ...)
 	TODO: check
 CVE-2019-11937 (In Mcrouter prior to v0.41.0, a large struct input provided to the Car ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-04-01 08:35:31 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-04-01 08:35:31 +0200
commit	7db44ca35839f2c6a0102902a299b9fa9c843fc2 (patch)
tree	343fac4275761ddd09a2231d183294945e6dfa48 /data/CVE/2019.list
parent	b1f6373cec09e82b788c95780dc6a11ccb2d7914 (diff)