diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-06 10:18:37 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-06 10:21:51 +0100 |
| commit | 60bf99562d2e1203cddc11a15fbad3d733711c9a (patch) | |
| tree | f5f345c709e2294ab125a119af52fdd70a82488d /data/CVE/2019.list | |
| parent | f89c93558cbb27d667843500f758cd3984fd46f3 (diff) | |
Merge updates acked and included in the Debian buster 10.8 point release
For the first time with the help of 'merge-cve-files' as implemented by
Emilio Pozuelo Monfort.
next-point-update.txt: Cleanup list from merged entries
Diffstat (limited to 'data/CVE/2019.list')
| -rw-r--r-- | data/CVE/2019.list | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index f7ac573379..e811896ddb 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -3688,7 +3688,7 @@ CVE-2019-19554 RESERVED CVE-2019-19553 (In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector cou ...) - wireshark 3.0.7-1 (low) - [buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA) + [buster] - wireshark 2.6.20-0+deb10u1 [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA) [jessie] - wireshark <postponed> (Can be fixed along in next 1.12.x DLA) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15961 @@ -11767,7 +11767,7 @@ CVE-2019-16277 (PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cs NOT-FOR-US: PicoC CVE-2019-16319 (In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector ...) - wireshark 3.0.4-1 (low) - [buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA) + [buster] - wireshark 2.6.20-0+deb10u1 [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA) [jessie] - wireshark <not-affected> (Vulnerable code not present) NOTE: https://www.wireshark.org/security/wnpa-sec-2019-21.html @@ -16355,7 +16355,7 @@ CVE-2019-14585 CVE-2019-14584 RESERVED - edk2 2020.11-1 (bug #977300) - [buster] - edk2 <no-dsa> (Minor issue) + [buster] - edk2 0~20181115.85588389-3+deb10u3 [stretch] - edk2 <ignored> (Minor issue) NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1914 NOTE: https://github.com/tianocore/edk2/commit/26442d11e620a9e81c019a24a4ff38441c64ba10 @@ -18973,7 +18973,7 @@ CVE-2019-13620 RESERVED CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ...) - wireshark 2.6.10-1 (low) - [buster] - wireshark <postponed> (Can be fixed along in next 2.6.x release) + [buster] - wireshark 2.6.20-0+deb10u1 [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release) [jessie] - wireshark <not-affected> (vulnerable code not present, binary encoding not yet supported) NOTE: https://www.wireshark.org/security/wnpa-sec-2019-20.html @@ -28255,7 +28255,7 @@ CVE-2019-10204 RESERVED CVE-2019-10203 (PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1. ...) - pdns 4.2.0-1 (low; bug #970729) - [buster] - pdns <no-dsa> (Minor issue) + [buster] - pdns 4.1.6-3+deb10u1 [stretch] - pdns <no-dsa> (Minor issue) [jessie] - pdns <no-dsa> (Minor issue) NOTE: Fixed in 4.2.0, 4.1.11, 4.0.9, for existing installations a manual schema update |