summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-02-15 14:28:24 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-02-15 14:28:24 +0100
commite0aac63da5fd3d5ee043acaebd3f741f63cabeac (patch)
tree9a60b5c6b35b0e21ade6d35c7d418eedce978741
parent5a70d8341d45018a899e13011683221084474953 (diff)
Update status for CVE-2019-19343
While the issue is affecting both Undertow and remoting, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1780445#c10 on Red Hat's side to mitigate the issue only a fix was added to remoting. The CVE is quite specific for this memory leak in combination with remoting, thus mark the severity as unimportant, beeing negligible for Debian itself. Still, the issue remains unresolved for undertow, but it does not appear to be interest in a fix.
-rw-r--r--data/CVE/list.20195
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index c679e1677a..f938e26c09 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -2928,8 +2928,11 @@ CVE-2019-19344 (There is a use-after-free issue in all samba 4.9.x versions befo
NOTE: https://www.samba.org/samba/security/CVE-2019-19344.html
CVE-2019-19343
RESERVED
- - undertow <unfixed> (bug #948024)
+ - undertow <unfixed> (bug #948024; unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1780445
+ NOTE: Issue affects both Undertow and rmeoting, but for adressing the immediate
+ NOTE: issue only af fix via remoting (https://issues.redhat.com/browse/REM3-347)
+ NOTE: was added.
CVE-2019-19342 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5 ...)
NOT-FOR-US: Ansible Tower
CVE-2019-19341 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy