[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Slightly reorder list in preparation for point release

Salvatore Bonaccorso carnil at debian.org
Fri Mar 9 10:07:26 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09eb30a5 by Salvatore Bonaccorso at 2018-03-09T11:06:31+01:00
Slightly reorder list in preparation for point release

Rorder on top the packages which are likely to be included and below the
one which have not seen yet an upload frop stretch-pu and thus
defintively will not be included on 2018-03-10's point release for 9.4.

- - - - -


1 changed file:

- data/next-point-update.txt


Changes:

=====================================
data/next-point-update.txt
=====================================
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -1,34 +1,11 @@
-CVE-2017-12424
-	[stretch] - shadow 1:4.4-4.1+deb9u1
-CVE-2017-9951
-	[stretch] - memcached 1.4.33-1+deb9u1
-CVE-2015-XXXX [busybox: pointer misuse unziping files]
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-	NOTE: For #803097
-CVE-2016-2148
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2016-2147
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2011-5325
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2017-15873
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2017-16544
-	[stretch] - busybox 1:1.22.0-19+deb9u1
 CVE-2017-12133
 	[stretch] - glibc 2.24-11+deb9u2
 CVE-2017-14623
 	[stretch] - golang-github-go-ldap-ldap 2.4.1-1+deb9u1
-CVE-2017-17840
-	[stretch] - open-iscsi 2.0.874-3~deb9u2
 CVE-2017-17511
 	[stretch] - kildclient 3.1.0-1+deb9u1
 CVE-2017-9868
 	[stretch] - mosquitto 1.4.10-3+deb9u1
-CVE-2017-7458
-	[stretch] - ntopng 2.4+dfsg1-3+deb9u1
-CVE-2017-7459
-	[stretch] - ntopng 2.4+dfsg1-3+deb9u1
 CVE-2017-9258
 	[stretch] - soundtouch 1.9.2-2+deb9u1
 CVE-2017-9259
@@ -37,20 +14,6 @@ CVE-2017-9260
 	[stretch] - soundtouch 1.9.2-2+deb9u1
 CVE-2017-16879
 	[stretch] - ncurses 6.0+20161126-1+deb9u2
-CVE-2017-17440
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15266
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15267
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15600
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15601
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15602
-	[stretch] - libextractor 1:1.3-4+deb9u1
-CVE-2017-15922
-	[stretch] - libextractor 1:1.3-4+deb9u1
 CVE-2017-17531
 	[stretch] - global 6.5.6-2+deb9u1
 CVE-2017-1000426
@@ -102,8 +65,6 @@ CVE-2017-12380
 	[stretch] - clamav 0.99.2+dfsg-6+deb9u1
 CVE-2018-6560
 	[stretch] - flatpak 0.8.9-0+deb9u1
-CVE-2017-1000494
-	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
 CVE-2018-6758
 	[stretch] - uwsgi 2.0.14+20161117-3+deb9u1
 CVE-2017-15908
@@ -116,6 +77,45 @@ CVE-2017-18190
 	[stretch] - cups 2.2.1-8+deb9u1
 CVE-2017-15906
 	[stretch] - openssh 1:7.4p1-10+deb9u3
+CVE-2017-12424
+	[stretch] - shadow 1:4.4-4.1+deb9u1
+CVE-2017-9951
+	[stretch] - memcached 1.4.33-1+deb9u1
+CVE-2015-XXXX [busybox: pointer misuse unziping files]
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+	NOTE: For #803097
+CVE-2016-2148
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2016-2147
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2011-5325
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-15873
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-16544
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-17840
+	[stretch] - open-iscsi 2.0.874-3~deb9u2
+CVE-2017-7458
+	[stretch] - ntopng 2.4+dfsg1-3+deb9u1
+CVE-2017-7459
+	[stretch] - ntopng 2.4+dfsg1-3+deb9u1
+CVE-2017-17440
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15266
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15267
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15600
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15601
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15602
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-15922
+	[stretch] - libextractor 1:1.3-4+deb9u1
+CVE-2017-1000494
+	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
 CVE-2017-15105
 	[stretch] - unbound 1.6.0-3+deb9u2
 CVE-2017-16612



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09eb30a58e08a5ea12468705ab1496dd736f2c2a

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09eb30a58e08a5ea12468705ab1496dd736f2c2a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180309/ba047aad/attachment-0001.html>

More information about the Secure-testing-commits mailing list