[Git][security-tracker-team/security-tracker][master] data/CVE/list: Tag CVE-2018-14329 as <no-dsa> for htslib in [jessie]. Upstream…
Mike Gabriel
sunweaver at debian.org
Tue Jul 17 18:06:33 BST 2018
Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker
Commits:
465d0599 by Mike Gabriel at 2018-07-17T19:06:23+02:00
data/CVE/list: Tag CVE-2018-14329 as <no-dsa> for htslib in [jessie]. Upstream chose to ignore the issue and encounter it with user education.
See https://github.com/samtools/htslib/issues/736#issuecomment-405638099
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,7 +19,9 @@ CVE-2018-14330
RESERVED
CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow local ...)
- htslib <unfixed>
+ [jessie] - htslib <no-dsa> (Minor issue, ignored by upstream)
NOTE: https://github.com/samtools/htslib/issues/736
+ NOTE: Upstream closed the issue, reasoning that fixing the issue would cause another set of problems.
CVE-2018-14328
RESERVED
CVE-2018-14327
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/465d05999225761e220c0f45003609697f9bf8ec
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/465d05999225761e220c0f45003609697f9bf8ec
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180717/6c27947d/attachment.html>
More information about the debian-security-tracker-commits
mailing list