[Git][security-tracker-team/security-tracker][master] Triage result.
Ola Lundqvist
opal at debian.org
Tue Nov 13 20:50:12 GMT 2018
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1bf7a9d by Ola Lundqvist at 2018-11-13T20:49:55Z
Triage result.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11575,6 +11575,7 @@ CVE-2018-14645 (A flaw was discovered in the HPACK decoder of HAProxy, before 1.
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b4e05a3daa30f657db01ec144a0e48850c48f813
CVE-2018-14644 (An issue has been found in PowerDNS Recursor from 4.0.0 up to and ...)
- pdns-recursor 4.1.7-1 (bug #913162)
+ [jessie] - pdns-recursor <postponed> (Minor issue)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
NOTE: https://downloads.powerdns.com/patches/2018-07/
CVE-2018-14643 (An authentication bypass flaw was found in the smart_proxy_dynflow ...)
@@ -11634,7 +11635,9 @@ CVE-2018-14626 [Packet cache pollution via crafted query]
RESERVED
- pdns 4.1.5-1 (bug #913163)
[stretch] - pdns <not-affected> (Vulnerable code present only in >= 4.1.0)
+ [jessie] - pdns <not-affected> (Vulnerable code not present)
- pdns-recursor 4.1.7-1 (bug #913162)
+ [jessie] - pdns-recursor <not-affected> (Vulnerable code not present)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-05.html
NOTE: https://downloads.powerdns.com/patches/2018-05/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
@@ -21747,7 +21750,9 @@ CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the avail
CVE-2018-10851 [Crafted answer can cause a denial of service]
RESERVED
- pdns 4.1.5-1 (bug #913163)
+ [jessie] - pdns <ignored> (Minor issue)
- pdns-recursor 4.1.7-1 (bug #913162)
+ [jessie] - pdns-recursor <ignored> (Minor issue)
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html
NOTE: https://downloads.powerdns.com/patches/2018-03/
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html
=====================================
data/dla-needed.txt
=====================================
@@ -63,10 +63,16 @@ otrs2
--
pdns (Abhijith PA)
--
+poppler
+--
qemu (Santiago)
NOTE: 20181026: no fix yet for recent dsa issues, but start working on
NOTE: pending no-dsa issues
--
+ruby-i18n
+--
+ruby-rack
+--
salt (Mike Gabriel)
--
squid3 (Abhijith PA)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1bf7a9d9249f276b136372030f2cfcf2f67c699
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1bf7a9d9249f276b136372030f2cfcf2f67c699
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181113/9d8dc75e/attachment.html>
More information about the debian-security-tracker-commits
mailing list