<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/aa913c316f74db1a8788a8c0de0cded141a5fa8f">aa913c31</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:43Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Mark CVE-2019-11191 as unimportant

Maybe the CVE should be rejected. Triage in kernel-sec showed that it's

basically a non-issue as only ELF support ASLR.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/2df2d85f08894913bd15c2ce86fba2a1420a093f">2df2d85f</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:43Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Mark CVE-2019-10124 as not-affected for jessie

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/b5bdd77d31fb05b7824abf33d741c88886d05f36">b5bdd77d</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:44Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Mark CVE-2019-8980 as not-affected for jessie

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d6df07333ee1f0c340b80eea70633efc74575e0">0d6df073</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:44Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Mark CVE-2019-3887/linux as not-affected for stretch and jessie

The vulnerability was introduced in later versions only.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/74fd191a6744c8d674ebad5a92ff75e0bbf62365">74fd191a</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:45Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Ignore CVE-2019-3874/linux for stretch and jessie

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/09ac9b1401e2fa0d779731e22921bb000062a047">09ac9b14</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-25T21:19:45Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Ignore CVe-2019-2025/linux for stretch and jessie

Binder was not enabled in those versions.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/765cccb6f469bd3121c6e6a88566edd5c697e8f6...09ac9b1401e2fa0d779731e22921bb000062a047#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/765cccb6f469bd3121c6e6a88566edd5c697e8f6...09ac9b1401e2fa0d779731e22921bb000062a047">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

</p>

</div>

</body>

</html>