[Git][security-tracker-team/security-tracker][master] NFU

Moritz Muehlenhoff jmm at debian.org
Sun Jul 15 09:59:56 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b5765aa by Moritz Muehlenhoff at 2018-07-15T10:59:30+02:00
NFU

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,7 +1,7 @@
 CVE-2018-14061
 	RESERVED
 CVE-2018-14060 (OS command injection in the AP mode settings feature in /cgi-bin/luci ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi R3D
 CVE-2018-14059
 	RESERVED
 CVE-2018-14058
@@ -46459,7 +46459,7 @@ CVE-2017-14529 (The pe_print_idata function in peXXigen.c in the Binary File Des
 CVE-2017-14528 (The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has ...)
 	[experimental] - imagemagick 8:6.9.10.2+dfsg-1
 	- imagemagick 8:6.9.10.2+dfsg-2 (bug #878544)
-	[stretch] - imagemagick <no-dsa> (Minor issue)
+	[stretch] - imagemagick <ignored> (Minor issue)
 	[jessie] - imagemagick <not-affected> (Vulnerable code not present)
 	[wheezy] - imagemagick <not-affected> (Can't reproduce crash with file)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2730


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -21,7 +21,6 @@ asterisk
 enigmail
 --
 ffmpeg
-  Wait for next 3.2.x release
 --
 gitlab
 --
@@ -30,7 +29,7 @@ glusterfs
 graphicsmagick
 --
 intel-microcode
-  Updates for spectre v3a and v4 not yet released
+  wait for regressions in unstable before releasing to stretch
 --
 knot-resolver
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b5765aa2016e1b5665ab5edd5ebca3f9d3153af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b5765aa2016e1b5665ab5edd5ebca3f9d3153af
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180715/709d5d32/attachment.html>

More information about the debian-security-tracker-commits mailing list