[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
lamby at debian.org
Sun Mar 4 21:55:56 UTC 2018
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c87e7afb by Chris Lamb at 2018-03-04T21:55:19+00:00
data/dla-needed.txt: Correct ordering
- - - - -
21592d03 by Chris Lamb at 2018-03-04T21:55:19+00:00
Add patch link for CVE-2018-7443 (libjgraphx-java)
- - - - -
3e6969d6 by Chris Lamb at 2018-03-04T21:55:20+00:00
Triage libjgraphx-java for LTS
- - - - -
96c75e80 by Chris Lamb at 2018-03-04T21:55:38+00:00
Claim libjgraphx-java in data/dla-needed.txt
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -686,6 +686,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...)
[jessie] - libjgraphx-java <no-dsa> (Minor issue)
[stretch] - libjgraphx-java <no-dsa> (Minor issue)
NOTE: https://github.com/jgraph/mxgraph/issues/124
+ NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...)
{DLA-1293-1}
- imagemagick <unfixed> (low; bug #891291)
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -28,13 +28,13 @@ gcc-4.7 (Roberto C. Sánchez)
NOTE: Backport the retpoline support for spectre mitigation.
NOTE: Do we want/need it on this gcc version as well?
--
-isc-dhcp (Thorsten Alteholz)
---
icu (Thorsten Alteholz)
NOTE: 20171229: CVE-2017-15422 was reported via Google Code issue report in Chromium project; report is not visible to the public
--
imagemagick (Markus Koschany)
--
+isc-dhcp (Thorsten Alteholz)
+--
jruby (Emilio Pozuelo)
--
krb5
@@ -58,6 +58,8 @@ libav (Hugo Lefeuvre)
--
libgcrypt11
--
+libjgraphx-java (Chris Lamb)
+--
libmad (Kurt Roeckx)
--
libreoffice
@@ -109,3 +111,4 @@ xen
--
zsh (Abhijith PA)
NOTE: 20180303: Upstream repository is temporarily offline (abhijith)
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180304/0dec4358/attachment-0001.html>
More information about the Secure-testing-commits
mailing list