[Git][security-tracker-team/security-tracker][master] Reserve DLA-1486-1 for libtirpc

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc32cdb6 by Thorsten Alteholz at 2018-08-31T21:08:11Z
Reserve DLA-1486-1 for libtirpc

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Aug 2018] DLA-1487-1 libtirpc - security update
+	{CVE-2018-14622}
+	[jessie] - libtirpc 0.2.5-1+deb8u2
 [31 Aug 2018] DLA-1486-1 spice - security update
 	{CVE-2018-10873}
 	[jessie] - spice 0.12.5-1+deb8u6


=====================================
data/dla-needed.txt
=====================================
@@ -60,11 +60,6 @@ libav (Hugo Lefeuvre)
 --
 libspring-java (Abhijith PA)
 --
-libtirpc (Thorsten Alteholz)
-  NOTE: 20180830: The SUSE bug report mentions more than one patch.
-  NOTE: 20180830: The SUSE bug report points to CVE-2015-9265
-  NOTE: CVE-2015-9265 has been rejected (in favour of CVE-2018-14622)
---
 libxml2 (Thorsten Alteholz)
   NOTE: 20180720: There are many open CVEs marked as <no-dsa> for jessie and stretch.
   NOTE: 20180720: My  sense is that someone should go over them and fix those that are fixable.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc32cdb6857549930ff4fe01de7406af8aadaf89

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc32cdb6857549930ff4fe01de7406af8aadaf89
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180831/60e6a12c/attachment.html>