[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: add uwsgi to dsa-needed
Moritz Muehlenhoff
jmm at debian.org
Tue Mar 13 22:36:55 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4f1328be by Moritz Muehlenhoff at 2018-03-13T23:35:07+01:00
add uwsgi to dsa-needed
- - - - -
a35851b0 by Moritz Muehlenhoff at 2018-03-13T23:36:00+01:00
bugnums
- - - - -
cba379fb by Moritz Muehlenhoff at 2018-03-13T23:36:39+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -235,7 +235,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference .
NOTE: https://github.com/silnrsi/graphite/issues/22
CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...)
{DLA-1306-1}
- - vips 8.4.5-2 (bug #892589)
+ - vips 8.4.5-2 (low; bug #892589)
[stretch] - vips <no-dsa> (Minor issue)
[jessie] - vips <no-dsa> (Minor issue)
NOTE: https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
@@ -39089,7 +39089,7 @@ CVE-2017-11431
RESERVED
CVE-2017-11430
RESERVED
- - ruby-omniauth-saml <unfixed>
+ - ruby-omniauth-saml <unfixed> (bug #892864)
NOTE: fixed in 1.10.0
NOTE: https://github.com/omniauth/omniauth-saml/issues/156
NOTE: https://github.com/omniauth/omniauth-saml/pull/157
@@ -39103,7 +39103,7 @@ CVE-2017-11429
NOTE: https://www.kb.cert.org/vuls/id/475445
CVE-2017-11428
RESERVED
- - ruby-saml <unfixed>
+ - ruby-saml <unfixed> (bug #892865)
NOTE: fixed in 1.7.0
NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
NOTE: https://www.kb.cert.org/vuls/id/475445
=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -102,6 +102,8 @@ undertow
--
vlc (jmm)
--
+uwsgi
+--
xen/oldstable
--
zendframework/oldstable
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f796447effdf60ee256e4c9ef78799f03b230399...cba379fb24b191aabee7f811709f9e5fc205e377
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f796447effdf60ee256e4c9ef78799f03b230399...cba379fb24b191aabee7f811709f9e5fc205e377
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180313/69554128/attachment.html>
More information about the Secure-testing-commits
mailing list