[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: add polarssl, sox, wavpack to dla-needed.txt
Antoine Beaupré
anarcat at debian.org
Fri Feb 16 21:00:29 UTC 2018
Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits:
66d36bd2 by Antoine Beaupré at 2018-02-16T15:59:51-05:00
add polarssl, sox, wavpack to dla-needed.txt
- - - - -
43dcbb7c by Antoine Beaupré at 2018-02-16T15:59:52-05:00
fix jessie triage for myrepos
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -497,6 +497,7 @@ CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs
[jessie] - myrepos <no-dsa> (Minor issue)
- mr <removed>
[wheezy] - mr <no-dsa> (Minor issue)
+ [jessie] - mr <no-dsa> (Minor issue)
CVE-2018-6956
RESERVED
CVE-2018-6955
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -76,11 +76,17 @@ opencv (Thorsten Alteholz)
--
openjdk-7 (Emilio Pozuelo)
--
+polarssl
+--
quagga (Thorsten Alteholz)
--
+sox
+ NOTE: marked no-dsa/minor in stable. if worth an upload, consider also uploading to jessie/stretch as well since version numbers are very close
+--
suricata (Santiago R.R.)
NOTE: Hard to tell whether the package is vulnerable. DetectFlow in detect.c
NOTE: does not exist. Code seems to be in SigMatchSignatures instead.
NOTE: StreamTcpInlineDropInvalid function does not exist at all. Perhaps contact
NOTE: upstream and ask for a clarification?
--
+wavpack
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/de20b5d566108248cf726b6742838d7b009b8f61...43dcbb7ca87f7c9f6112f2969802f1cbf2c9ee0a
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/de20b5d566108248cf726b6742838d7b009b8f61...43dcbb7ca87f7c9f6112f2969802f1cbf2c9ee0a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180216/32e2f64e/attachment.html>
More information about the Secure-testing-commits
mailing list