[Git][security-tracker-team/security-tracker][master] rust fixed
Moritz Muehlenhoff
jmm at debian.org
Fri Nov 9 08:49:21 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1fe73163 by Moritz Muehlenhoff at 2018-11-09T08:48:28Z
rust fixed
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2651,12 +2651,11 @@ CVE-2018-18057
CVE-2018-18056
RESERVED
CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...)
- - rustc <unfixed>
+ - rustc 1.30.0+dfsg1-1
[jessie] - rustc <not-affected> (Vulnerable code not present)
- [stretch] - rustc <ignored> (Can be fixed along in future rustc update for ESR68)
+ [stretch] - rustc <not-affected> (Introduced in 1.26)
NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
- NOTE: Fixed upstream in 1.29.1
CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Input ...)
NOT-FOR-US: privacyIDEA
CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -65,3 +65,5 @@ thunderbird (jmm)
--
tiff
--
+xml-security-c
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1fe73163e60907004f3146b34e591973201986ee
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1fe73163e60907004f3146b34e591973201986ee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181109/c1d1b3bf/attachment.html>
More information about the debian-security-tracker-commits
mailing list