[Git][security-tracker-team/security-tracker][master] dla-needed: asked mitre for update of libsndfile & tiff cves

Hugo Lefeuvre hle at debian.org
Wed Dec 19 08:15:13 GMT 2018 

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d2e9a3b by Hugo Lefeuvre at 2018-12-19T08:14:56Z
dla-needed: asked mitre for update of libsndfile & tiff cves

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -87,7 +87,8 @@ libphp-phpmailer
   NOTE: 20181218: https://lists.debian.org/debian-lts/2018/12/msg00037.html (abhijith)
 --
 libsndfile (Hugo Lefeuvre)
-  NOTE: 20181214: waiting for upstream to approve my patches before upload
+  NOTE: 20181219: waiting for upstream to approve my patches before upload
+  NOTE: 20181219: CVE-2017-17457/6: asked for cve update as duplicates of CVE-2017-14245/CVE-2017-14246
 --
 linux (Ben Hutchings)
 --
@@ -101,7 +102,7 @@ nss (Roberto C. Sánchez)
   NOTE: 20181217: Contacted Mozilla security with a request for access to the BZ issue. (roberto)
 --
 openjpeg2 (Hugo Lefeuvre)
-  NOTE: CVE-2018-6616: waiting for my patch to be reviewed by upstream
+  NOTE: CVE-2018-6616: 20181219: waiting for my patch to be reviewed by upstream
 --
 pdns (Abhijith PA)
   NOTE: 20181203: Upstream fix contain C++11 standard code. Ported one patch. One more left
@@ -132,7 +133,8 @@ systemd
 --
 tiff (Hugo Lefeuvre)
   NOTE: CVE-2018-19210: Working on a patch, see https://gitlab.com/libtiff/libtiff/merge_requests/47
-  NOTE: CVE-2018-19210: 20181214: got review from upstream, waiting for final ack before uploading
+  NOTE: CVE-2018-19210: 20181219: got review from upstream, waiting for final ack before uploading
+  NOTE: CVE-2018-5360: 20181219: asked for cve update as duplicate of CVE-2014-8127
   NOTE: CVE-2018-18661: Easy to patch, but unable to reproduce the error.
   NOTE: CVE-2018-18661: Not possible to prove it fixes the specified vulnerability.
   NOTE: CVE-2018-18661: See thread starting at https://lists.debian.org/debian-lts/2018/11/msg00033.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d2e9a3b1ceac0c3ecca7e742ebddb97396a5d36

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d2e9a3b1ceac0c3ecca7e742ebddb97396a5d36
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181219/5581e7be/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list