Reference upstream commit for CVE-2019-18932/sarg

author: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 10:50:46 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 10:51:35 +0100
commit: e9a584f956e5560d763a95ae15cb14e9b4edc292 (patch)
tree: 7ffd1afd2c9cfb048f9461482b1ec56c1b1a9f64 /data/CVE/2019.list
parent: 5385106a9a21b36d04062f278da1c2e49197d9be (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 044a5ed6ea..b0f6418040 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -3903,6 +3903,7 @@ CVE-2019-18932 (log.c in Squid Analysis Report Generator (sarg) through 2.3.11 a
 	NOTE: https://www.openwall.com/lists/oss-security/2020/01/20/6
 	NOTE: The sarg-reports as shipped in Debian has already safe use of mktemp for
 	NOTE: use of temporary files and directories.
+	NOTE: Fixed by: https://sourceforge.net/p/sarg/code/ci/8ec6d20be8c0da3c885aba78e63251f2e5080748
 CVE-2019-18931 (Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer O ...)
 	NOT-FOR-US: Western Digital My Cloud EX2 Ultra firmware
 CVE-2019-18930 (Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users  ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 10:50:46 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 10:51:35 +0100
commit	e9a584f956e5560d763a95ae15cb14e9b4edc292 (patch)
tree	7ffd1afd2c9cfb048f9461482b1ec56c1b1a9f64 /data/CVE/2019.list
parent	5385106a9a21b36d04062f278da1c2e49197d9be (diff)