<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19858c7934dc3ffee8bf09727b9b4d99c3867aa9">19858c79</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2021-06-02T21:44:28+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">According to bd44f3fa4db9 ("Update note about CVE-2020-27776")

CVE-2020-27776 was fixed together with the fix for CVE-2020-27764.

Thus the ignored state would be in fract be "wrong" but rather marked as

fixed in the respective version. Given there was DLA 2602-1 covering

those sets of CVEs move the listing of the CVE there.

Alternatively a [stretch] - imagemagick entry with the fixed version

would have been a viable (and practiced) alternative when one does not

want to modify the CVE list of a D[LS]A.

</pre>

</li>

</ul>

<h4>2 changed files:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

<li class="file-stats">

<a href="#c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9">

data/DLA/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19858c7934dc3ffee8bf09727b9b4d99c3867aa9#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

<li id="c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19858c7934dc3ffee8bf09727b9b4d99c3867aa9#c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9"><strong>data/DLA/list</strong></a>

<hr>

<table class="code white" style="font-family: monospace; font-size: 90%;" bgcolor="#fff" width="100%" cellpadding="0" cellspacing="0">

<tr class="line_holder match" id="" style="line-height: 1.6;">

<td class="diff-line-num unfold js-unfold old_line" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>

<td class="diff-line-num unfold js-unfold new_line" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>

<td class="line_content match " style="padding-left: 0.5em; padding-right: 0.5em; color: rgba(0,0,0,0.3);" bgcolor="#fafafa">@@ -210,7 +210,7 @@</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

210

</td>

<td class="new_line diff-line-num" data-linenumber="210" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

210

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC210" class="line" lang="plaintext">    {CVE-2019-11372 CVE-2019-11373 CVE-2020-15395 CVE-2020-26797}</span>

</pre>

</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="211" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

211

</td>

<td class="new_line diff-line-num" data-linenumber="211" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

211

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC211" class="line" lang="plaintext">    [stretch] - libmediainfo 0.7.91-1+deb9u1</span>

</pre>

</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="212" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

212

</td>

<td class="new_line diff-line-num" data-linenumber="212" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

212

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC212" class="line" lang="plaintext">[22 Mar 2021] DLA-2602-1 imagemagick - security update</span>

</pre>

</td>

</tr>

<tr class="line_holder old" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num old" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

213

</td>

<td class="new_line diff-line-num old" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

</td>

<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">

<pre style="margin: 0;">-<span id="LC213" class="line" lang="plaintext">    {CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27761 CVE-2020-27762 CVE-2020-27764 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27774 CVE-2020-27775 CVE-2021-20176 CVE-2021-20241 CVE-2021-20244 CVE-2021-20246}</span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num new" data-linenumber="214" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="213" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

213

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC213" class="line" lang="plaintext">    {CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27761 CVE-2020-27762 CVE-2020-27764 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27774 CVE-2020-27775 <span class="idiff left right">CVE-2020-27776 </span>CVE-2021-20176 CVE-2021-20241 CVE-2021-20244 CVE-2021-20246}</span>

</pre>

</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="214" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

214

</td>

<td class="new_line diff-line-num" data-linenumber="214" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

214

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC214" class="line" lang="plaintext">    [stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u12</span>

</pre>

</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="215" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

215

</td>

<td class="new_line diff-line-num" data-linenumber="215" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

215

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC215" class="line" lang="plaintext">[21 Mar 2021] DLA-2558-2 xterm - regression update</span>

</pre>

</td>

</tr>

<tr class="line_holder" id="" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="216" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

216

</td>

<td class="new_line diff-line-num" data-linenumber="216" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

216

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC216" class="line" lang="plaintext">    [stretch] - xterm 327-2+deb9u2</span>

</pre>

</td>

</tr>

</table>

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19858c7934dc3ffee8bf09727b9b4d99c3867aa9">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19858c7934dc3ffee8bf09727b9b4d99c3867aa9"}}</script>

</p>

</div>

</body>

</html>