[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for uwsgi update
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 17 16:39:08 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
381bbbbb by Salvatore Bonaccorso at 2018-03-17T17:38:51+01:00
Reserve DSA number for uwsgi update
- - - - -
4 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5429,7 +5429,7 @@ CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI thr
{DLA-1275-1}
- uwsgi 2.0.15-10.2 (bug #889753)
[stretch] - uwsgi 2.0.14+20161117-3+deb9u1
- [jessie] - uwsgi <no-dsa> (Minor issue)
+ [jessie] - uwsgi 2.0.7-1+deb8u2
NOTE: http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
NOTE: https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
CVE-2018-6657
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[17 Mar 2018] DSA-4142-1 uwsgi - security update
+ {CVE-2018-7490}
+ [jessie] - uwsgi 2.0.7-1+deb8u2
+ [stretch] - uwsgi 2.0.14+20161117-3+deb9u2
[16 Mar 2018] DSA-4141-1 libvorbisidec - security update
{CVE-2018-5147}
[jessie] - libvorbisidec 1.0.2+svn18153-1~deb8u2
=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -98,8 +98,6 @@ undertow
--
vlc (jmm)
--
-uwsgi (carnil)
---
xen/oldstable
--
zendframework/oldstable
=====================================
data/next-oldstable-point-update.txt
=====================================
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -81,8 +81,6 @@ CVE-2017-12379
[jessie] - clamav 0.99.2+dfsg-0+deb8u3
CVE-2017-12380
[jessie] - clamav 0.99.2+dfsg-0+deb8u3
-CVE-2018-6758
- [jessie] - uwsgi 2.0.7-1+deb8u2
CVE-2017-16612
[jessie] - wayland 1.6.0-2+deb8u1
CVE-2017-18190
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/381bbbbb5d2359c1ed998790cd7c2b2392b258ab
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/381bbbbb5d2359c1ed998790cd7c2b2392b258ab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180317/ccb1a363/attachment-0001.html>
More information about the Secure-testing-commits
mailing list