[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: nvidia spu

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8603ec68 by Moritz Muehlenhoff at 2018-01-25T01:42:48+01:00
nvidia spu

- - - - -
fff0d56f by Moritz Muehlenhoff at 2018-01-25T01:43:09+01:00
qemu postponed

- - - - -
8a682689 by Moritz Muehlenhoff at 2018-01-25T01:43:18+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1272,6 +1272,8 @@ CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the ...
 	TODO: check
 CVE-2018-5683 (The vga_draw_text function in Qemu allows local OS guest privileged ...)
 	- qemu <unfixed> (bug #887392)
+	[jessie] - qemu <postponed> (Minor issue, can be fixed along in future DSA)
+	[wheezy] - qemu <postponed> (Minor issue, can be fixed along in future DSA)
 	[wheezy] - qemu <postponed> (Minor issue, can be fixed along in next DLA)
 	- qemu-kvm <removed>
 	[wheezy] - qemu-kvm <postponed> (Minor issue, can be fixed along in next DLA)
@@ -17370,8 +17372,8 @@ CVE-2017-16660 (Cacti 1.1.27 allows remote authenticated administrators to condu
 	NOTE: affected code was introduced in the 1.x release
 CVE-2017-16641 (lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators ...)
 	- cacti 1.1.27+ds1-3 (bug #881110)
-	[stretch] - cacti <no-dsa> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
-	[jessie] - cacti <no-dsa> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
+	[stretch] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
+	[jessie] - cacti <ignored> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
 	[wheezy] - cacti <no-dsa> (Minor issue, due to CVE-2009-4112 does not make sense to isolately fix unless CVE-2009-4112 adressed upstream)
 	NOTE: https://github.com/Cacti/cacti/issues/1057
 	NOTE: https://github.com/Cacti/cacti/commit/e8088bb6593e6a49d000c342d17402f01db8740e


=====================================
data/next-point-update.txt
=====================================
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -67,3 +67,9 @@ CVE-2017-14695
 	[stretch] - salt 2016.11.2+ds-1+deb9u1
 CVE-2017-14696
 	[stretch] - salt 2016.11.2+ds-1+deb9u1
+CVE-2017-5753
+	[stretch] - nvidia-graphics-drivers-legacy-340xx 340.106-1~deb9u1
+CVE-2017-5754
+	[stretch] - nvidia-graphics-drivers-legacy-340xx 340.106-1~deb9u1
+CVE-2017-5715
+	[stretch] - nvidia-graphics-drivers-legacy-340xx 340.106-1~deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5198ff971f348bcd3607fb73fe5e863b1298123a...8a68268922de8d13c43efbe0599677d51773b46d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5198ff971f348bcd3607fb73fe5e863b1298123a...8a68268922de8d13c43efbe0599677d51773b46d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180125/ba43f565/attachment-0001.html>