<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0548e38998f07e001d8e17a7575938189d5e4d2">d0548e38</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-02-10T14:18:08Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Reference upstream commit for CVE-2018-11696 which was merged

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/75b2d8dfd317b0b711c58ef556a7f6233304d9db">75b2d8df</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-02-10T14:18:37Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Fix for CVE-2018-11696 was only included in 3.5.5-1

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/ed0962bb5b6ca818878022d0b71adead6f5b4770">ed0962bb</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-02-10T14:19:15Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Update commit for CVE-2018-11697

The original approach via

https://github.com/xzyfer/libsass/commit/024bb12511ce43fae8bb3737558f5cfe37a38a59

was withdrawn an later

https://github.com/sass/libsass/commit/eb15533b07773c30dc03c9d742865604f47120ef

commited.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/49b06ac7994143fd3a9bafc43fedbdbe4be107e7">49b06ac7</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-02-10T14:19:50Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Update status for CVE-2018-11697

https://github.com/sass/libsass/commit/eb15533b07773c30dc03c9d742865604f47120ef

is not yet included in src:libsass .

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/4a961fce792554c6c01fc030777fcb633b46481e...49b06ac7994143fd3a9bafc43fedbdbe4be107e7#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/4a961fce792554c6c01fc030777fcb633b46481e...49b06ac7994143fd3a9bafc43fedbdbe4be107e7">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

</p>

</div>

</body>

</html>