[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] transmission DSA
Moritz Muehlenhoff
jmm at debian.org
Sun Jan 14 18:33:45 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8012234 by Moritz Muehlenhoff at 2018-01-14T19:33:30+01:00
transmission DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -691,6 +691,8 @@ CVE-2016-10705 (The Jetpack plugin before 4.0.4 for WordPress has XSS via the Li
NOT-FOR-US: WordPress plugin jetpack
CVE-2018-XXXX [rpc session-id mechanism design flaw results in RCE]
- transmission <unfixed> (bug #886990)
+ [jessie] - transmission 2.84-0.2+deb8u1
+ [stretch] - transmission 2.92-2+deb9u1
NOTE: http://www.openwall.com/lists/oss-security/2018/01/12/1
NOTE: https://github.com/transmission/transmission/pull/468
NOTE: Proposed patch: https://patch-diff.githubusercontent.com/raw/transmission/transmission/pull/468.diff
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,6 @@
+[14 Jan 2018] DSA-4087-1 transmission - security update
+ [jessie] - transmission 2.84-0.2+deb8u1
+ [stretch] - transmission 2.92-2+deb9u1
[13 Jan 2018] DSA-4086-1 libxml2 - security update
{CVE-2017-15412}
[jessie] - libxml2 2.9.1+dfsg1-5+deb8u6
=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -66,8 +66,6 @@ tomcat7/oldstable
--
tomcat8
--
-transmission (jmm)
---
wordpress (seb)
Craig Small proposed debdiff (for stretch only) on 2017-12-09
Needs review and ack, what about jessie?
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b80122345409c175af984c1b0f17e0407b21e613
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b80122345409c175af984c1b0f17e0407b21e613
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180114/0314a9a5/attachment.html>
More information about the Secure-testing-commits
mailing list