[Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for upcoming nagios3 update.

[Markus Koschany]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a44c19fc by Markus Koschany at 2018-12-24T16:19:12Z
Remove no-dsa tags for upcoming nagios3 update.

- - - - -
dfa0b03e by Markus Koschany at 2018-12-24T16:20:34Z
Reserve DLA-1615-1 for nagios3

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -113304,7 +113304,6 @@ CVE-2016-9567 (The mDNIe system service on Samsung Mobile S7 devices with M(6.0)
 CVE-2016-9566 (base/logging.c in Nagios Core before 4.2.4 allows local users with ...)
 	{DLA-751-1}
 	- nagios3 <removed>
-	[jessie] - nagios3 <no-dsa> (Minor issue)
 	[wheezy] - nagios3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/c29557dec91eba2306f5fb11b8da4474ba63f8c4
 	NOTE: https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html
@@ -190295,7 +190294,6 @@ CVE-2014-1878 (Stack-based buffer overflow in the cmd_submitf function in cgi/cm
 	{DSA-2956-1 DLA-461-1 DLA-60-1}
 	- icinga 1.10.3-1
 	- nagios3 <removed> (bug #823721)
-	[jessie] - nagios3 <no-dsa> (Minor issue)
 	NOTE: Fixed by https://github.com/Icinga/icinga-core/commit/eedf4f7d88cdc50843572224eb38a2f5c78a2dc5
 CVE-2014-1873
 	RESERVED
@@ -194445,7 +194443,6 @@ CVE-2013-7220 (js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8
 	NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
 CVE-2013-7205 (Off-by-one error in the process_cgivars function in ...)
 	- nagios3 <removed> (low; bug #771466)
-	[jessie] - nagios3 <no-dsa> (Minor issue)
 	[squeeze] - nagios3 <no-dsa> (Minor issue)
 	[wheezy] - nagios3 <no-dsa> (Minor issue)
 	NOTE: additional changed files for nagios3, cf. CVE-2013-7108
@@ -194604,7 +194601,6 @@ CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earli
 	{DSA-2956-1 DLA-60-1}
 	- icinga 1.10.2-1 (low)
 	- nagios3 <removed> (low; bug #771466)
-	[jessie] - nagios3 <no-dsa> (Minor issue)
 	[squeeze] - nagios3 <no-dsa> (Minor issue)
 	[wheezy] - nagios3 <no-dsa> (Minor issue)
 	NOTE: https://dev.icinga.org/issues/5251


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[24 Dec 2018] DLA-1615-1 nagios3 - security update
+	{CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245}
+	[jessie] - nagios3 3.5.1.dfsg-2+deb8u1
 [22 Dec 2018] DLA-1614-1 openjpeg2 - security update
 	{CVE-2018-6616 CVE-2018-14423}
 	[jessie] - openjpeg2 2.1.0-2+deb8u6


=====================================
data/dla-needed.txt
=====================================
@@ -88,8 +88,6 @@ linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
 --
-nagios3 (Markus Koschany)
---
 nettle
 --
 nss (Roberto C. Sánchez)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f11d274ecc5ad181acd397dde263d787b3e2cc08...dfa0b03e26ea1a626c855c78cde33d0c7e646fe6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f11d274ecc5ad181acd397dde263d787b3e2cc08...dfa0b03e26ea1a626c855c78cde33d0c7e646fe6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181224/6261d684/attachment-0001.html>