[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2015-9265 rejected in favour of CVE-2018-14622

Salvatore Bonaccorso carnil at debian.org
Thu Aug 30 15:17:00 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a192cb5 by Salvatore Bonaccorso at 2018-08-30T14:14:27Z
CVE-2015-9265 rejected in favour of CVE-2018-14622

- - - - -
f020498d by Salvatore Bonaccorso at 2018-08-30T14:15:57Z
Add note on duplicate CVEs

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -594,10 +594,7 @@ CVE-2018-15888 (An issue was discovered in ASPCMS 2.5.6. When registering ordina
 CVE-2017-18346
 	RESERVED
 CVE-2015-9265
-	[experimental] - libtirpc 1.0.2-0.1
-	- libtirpc <unfixed> (bug #907608)
-	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=968175
-	NOTE: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=1c77f7a869bdea2a34799d774460d1f9983d45f0
+	REJECTED
 CVE-2015-9264 (Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute ...)
 	NOT-FOR-US: Lansweeper
 CVE-2015-9263 (An issue was discovered in post2file.php in Up.Time Monitoring Station ...)


=====================================
data/dla-needed.txt
=====================================
@@ -69,6 +69,7 @@ libspring-java (Abhijith PA)
 libtirpc (Thorsten Alteholz)
   NOTE: 20180830: The SUSE bug report mentions more than one patch.
   NOTE: 20180830: The SUSE bug report points to CVE-2015-9265
+  NOTE: CVE-2015-9265 has been rejected (in favour of CVE-2018-14622)
 --
 libxml2 (Thorsten Alteholz)
   NOTE: 20180720: There are many open CVEs marked as <no-dsa> for jessie and stretch.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0cc4af1a8bf68cacea591f2d820af17fb50b6eae...f020498d1478ee5816a44090f49a630647b16984

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0cc4af1a8bf68cacea591f2d820af17fb50b6eae...f020498d1478ee5816a44090f49a630647b16984
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180830/845abb1d/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list