Skip to content
Commits on Source (2)
......@@ -23,6 +23,7 @@ CVE-2019-13174
CVE-2019-13173 (fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extra ...)
- node-fstream <unfixed>
[stretch] - node-fstream <ignored> (Nodejs in stretch not covered by security support)
[jessie] - node-fstream <ignored> (Nodejs in jessie not covered by security support)
NOTE: https://www.npmjs.com/advisories/886
NOTE: https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22
CVE-2019-13172
......@@ -1658,6 +1659,7 @@ CVE-2019-12494 (In Gardener before 0.20.0, incorrect access control in seed clus
CVE-2019-12493 (A stack-based buffer over-read exists in PostScriptFunction::transform ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
- poppler 0.44.0-2
[jessie] - poppler <postponed> (patch applies cleanly, read-only, can't reproduce)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/37840827c4073dedfd37915a74eb8fe0c44843c3
CVE-2019-12492 (Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and ...)
NOT-FOR-US: Gallagher Command Centre