[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: add mercurial to dla-needed.txt
Thorsten Alteholz
alteholz at debian.org
Thu Mar 15 11:46:17 UTC 2018
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ba30c425 by Thorsten Alteholz at 2018-03-15T12:44:35+01:00
add mercurial to dla-needed.txt
- - - - -
4d63b7c8 by Thorsten Alteholz at 2018-03-15T12:45:46+01:00
follow security team for jakarta-jmeter
- - - - -
3 changed files:
- data/CVE/list
- data/dla-needed.txt
- data/packages/lts-do-not-call
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19728,6 +19728,7 @@ CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x a
- jakarta-jmeter <unfixed> (low)
[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
[jessie] - jakarta-jmeter <no-dsa> (Minor issue)
+ [wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/1
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
CVE-2018-1296
@@ -19755,6 +19756,7 @@ CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (R
- jakarta-jmeter <unfixed> (low)
[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
[jessie] - jakarta-jmeter <no-dsa> (Minor issue)
+ [wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/2
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged ...)
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -72,6 +72,8 @@ libvorbis (Guido Günther)
--
linux
--
+mercurial
+--
ming (Hugo Lefeuvre)
NOTE: 20180311: wip, currently working on it with upstream, might take a while
--
=====================================
data/packages/lts-do-not-call
=====================================
--- a/data/packages/lts-do-not-call
+++ b/data/packages/lts-do-not-call
@@ -18,6 +18,7 @@ jbig2dec https://lists.debian.org/debian-lts/2017/04/msg00101.html
libarchive https://lists.debian.org/debian-lts/2017/04/msg00015.html
libgcrypt11 removed from Jessie, latest uploads only made by the security teams
libtomcrypt https://lists.debian.org/debian-lts/2016/09/msg00044.html
+mercurial https://lists.debian.org/debian-lts/2017/12/msg00058.html
nspr https://lists.debian.org/debian-lts/2016/09/msg00192.html
nss https://lists.debian.org/debian-lts/2016/09/msg00192.html
opencv no answer to https://lists.debian.org/debian-lts/2017/09/msg00028.html, all LTS uploads by LTS team
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4117a8bb27f0edbf470bc856ef648ac5ec86f577...4d63b7c8919ea091efd0ccefdcf0394280571f91
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4117a8bb27f0edbf470bc856ef648ac5ec86f577...4d63b7c8919ea091efd0ccefdcf0394280571f91
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180315/86d025aa/attachment-0001.html>
More information about the Secure-testing-commits
mailing list