diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-15 14:28:24 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-15 14:28:24 +0100 |
commit | 5b9ac44a45dd85df171d1ae4d0463f6ec577c3ef (patch) | |
tree | 9be94f912b87381a35f16beeab7d603a75108388 /data/CVE/list | |
parent | a786178091677081ace88c2ce84b8c09a8bfdb3d (diff) |
Update status for CVE-2019-19343
While the issue is affecting both Undertow and remoting, cf.
https://bugzilla.redhat.com/show_bug.cgi?id=1780445#c10 on Red Hat's
side to mitigate the issue only a fix was added to remoting.
The CVE is quite specific for this memory leak in combination with
remoting, thus mark the severity as unimportant, beeing negligible for
Debian itself. Still, the issue remains unresolved for undertow, but it
does not appear to be interest in a fix.
Diffstat (limited to 'data/CVE/list')
-rw-r--r-- | data/CVE/list | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index d40ee1fcf3..c91449b44d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -18188,8 +18188,11 @@ CVE-2019-19344 (There is a use-after-free issue in all samba 4.9.x versions befo NOTE: https://www.samba.org/samba/security/CVE-2019-19344.html CVE-2019-19343 RESERVED - - undertow <unfixed> (bug #948024) + - undertow <unfixed> (bug #948024; unimportant) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1780445 + NOTE: Issue affects both Undertow and rmeoting, but for adressing the immediate + NOTE: issue only af fix via remoting (https://issues.redhat.com/browse/REM3-347) + NOTE: was added. CVE-2019-19342 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5 ...) NOT-FOR-US: Ansible Tower CVE-2019-19341 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where ...) |