"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2019-11-27 15:00:56 +00:00 · 2019-11-27 15:00:56 +00:00 · cde0dab4e3
commit cde0dab4e3
parent f0914dca34
4 changed files with 67 additions and 8 deletions
--- a/2019/17xxx/CVE-2019-17531.json
+++ b/2019/17xxx/CVE-2019-17531.json
@ -66,6 +66,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20191024-0005/",
                "url": "https://security.netapp.com/advisory/ntap-20191024-0005/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[pulsar-commits] 20191127 [GitHub] [pulsar] massakam opened a new pull request #5758: Bump jackson libraries to 2.10.1",
+                "url": "https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E"
            }
        ]
    }
--- a/2019/19xxx/CVE-2019-19252.json
+++ b/2019/19xxx/CVE-2019-19252.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices."
+                "value": "vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://lore.kernel.org/lkml/c30fc539-68a8-65d7-226c-6f8e6fd8bdfb@suse.com/",
                "refsource": "MISC",
                "name": "https://lore.kernel.org/lkml/c30fc539-68a8-65d7-226c-6f8e6fd8bdfb@suse.com/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=0c9acb1af77a3cb8707e43f45b72c95266903cee",
+                "url": "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=0c9acb1af77a3cb8707e43f45b72c95266903cee"
            }
        ]
    }
--- a/2019/19xxx/CVE-2019-19308.json
+++ b/2019/19xxx/CVE-2019-19308.json
@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2019-19308",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2019-19308",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/GNOME/gnome-font-viewer/blob/919dfbe684b75904563b8c6723c9778a4e00aad7/src/sushi-font-widget.c#L115-L117",
+                "refsource": "MISC",
+                "name": "https://github.com/GNOME/gnome-font-viewer/blob/919dfbe684b75904563b8c6723c9778a4e00aad7/src/sushi-font-widget.c#L115-L117"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://gitlab.gnome.org/GNOME/gnome-font-viewer/issues/17",
+                "url": "https://gitlab.gnome.org/GNOME/gnome-font-viewer/issues/17"
            }
        ]
    }
--- a/2019/8xxx/CVE-2019-8460.json
+++ b/2019/8xxx/CVE-2019-8460.json
@ -70,7 +70,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologies Ltd. discovered that OpenBSD kernel (all versions, including 6.5) can be forced to create long chains of TCP SACK holes that cause very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service."
+                "value": "OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service."
            }
        ]
    }