[Git][security-tracker-team/security-tracker][master] Triage results.
Ola Lundqvist
opal at debian.org
Thu Dec 13 21:05:01 GMT 2018
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3a4d473 by Ola Lundqvist at 2018-12-13T21:04:40Z
Triage results.
- - - - -
3 changed files:
- data/CVE/list
- data/dla-needed.txt
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1137,9 +1137,13 @@ CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored XSS
NOT-FOR-US: PHPok
CVE-2018-20005 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a ...)
- mxml <unfixed>
+ [stretch] - mxml <ignored> (Minor issue)
+ [jessie] - mxml <ignored> (Minor issue)
NOTE: https://github.com/michaelrsweet/mxml/issues/234
CVE-2018-20004 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a ...)
- mxml <unfixed>
+ [stretch] - mxml <ignored> (Minor issue)
+ [jessie] - mxml <ignored> (Minor issue)
NOTE: https://github.com/michaelrsweet/mxml/issues/233
CVE-2018-20003
RESERVED
=====================================
data/dla-needed.txt
=====================================
@@ -42,6 +42,8 @@ ghostscript (Lucas Kanashiro)
--
gnutls28
--
+haproxy
+--
jasper
--
libapache-mod-jk (Roberto C. Sánchez)
@@ -120,6 +122,9 @@ policykit-1 (Santiago)
--
qemu
--
+qtbase-opensource-src
+ NOTE: 20181214: Low priority but could be good to fix. Simple patches.
+--
samba (Emilio Pozuelo)
NOTE: 20181203: regression in upstream fix, waiting for confirmed regression fix
--
=====================================
data/dsa-needed.txt
=====================================
@@ -23,6 +23,10 @@ ghostscript
--
glusterfs
--
+gnutls28
+--
+haproxy
+--
libapache-mod-jk
Maintainer proposing an update (and backportig the buster version)
--
@@ -38,6 +42,8 @@ mbedtls
--
mercurial
--
+nettle
+--
openjpeg2 (luciano)
--
openssl1.0
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3a4d47346b2dc3a596cd8153dc8b56a1fc761d6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3a4d47346b2dc3a596cd8153dc8b56a1fc761d6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181213/6fbca5d4/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list