[Git][security-tracker-team/security-tracker][master] 2 commits: Remove mkvtoolnix from dla-needed.txt again.

Sun Nov 4 18:46:36 GMT 2018

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
15de3c2b by Markus Koschany at 2018-11-04T18:42:01Z
Remove mkvtoolnix from dla-needed.txt again.

On closer inspection the vulnerable code is not present

- - - - -
7ff8e6ff by Markus Koschany at 2018-11-04T18:45:57Z
CVE-2018-4022,mkvtoolnix: Jessie is not affected.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -39753,6 +39753,7 @@ CVE-2018-4023
 	RESERVED
 CVE-2018-4022 (A use-after-free vulnerability exists in the way MKVToolNix MKVINFO ...)
 	- mkvtoolnix 28.2.0-1
+	[jessie] - mkvtoolnix <not-affected> (vulnerable code is not present)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0694
 	NOTE: https://gitlab.com/mbunkus/mkvtoolnix/commit/43021d16c7bcd3f9f70214827755a5163782b633
 CVE-2018-4021


=====================================
data/dla-needed.txt
=====================================
@@ -54,8 +54,6 @@ linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
 --
-mkvtoolnix
---
 mysql-5.5 (Roberto C. Sánchez)
 --
 nsis (Thorsten Alteholz)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/16bef75eaa2e60f06fb43c7683ebb0acf07380f5...7ff8e6ff52a1cbf80dc381ac0fc78b06efced497

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/16bef75eaa2e60f06fb43c7683ebb0acf07380f5...7ff8e6ff52a1cbf80dc381ac0fc78b06efced497
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181104/9f88731e/attachment.html>
