[Git][security-tracker-team/security-tracker][master] 3 commits: readd ghostscript

Thorsten Alteholz alteholz at debian.org
Wed Nov 28 14:25:17 GMT 2018 

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b1c66f0 by Thorsten Alteholz at 2018-11-28T14:05:31Z
readd ghostscript

- - - - -
7d93be21 by Thorsten Alteholz at 2018-11-28T14:12:34Z
mark CVE-2018-19591 as not affected for Jessie

- - - - -
5d41613b by Thorsten Alteholz at 2018-11-28T14:14:59Z
add samba

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2056,6 +2056,7 @@ CVE-2018-19591 [Linux if_nametoindex() does not close descriptor]
 	RESERVED
 	- glibc <unfixed> (bug #914837)
 	[stretch] - glibc <not-affected> (Vulnerable code introduced later and not backported to stretch)
+	[jessie] - glibc <not-affected> (Vulnerable code introduced later and not backported to jessie)
 	- eglibc <removed>
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23927
 	NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d527c860f5a3f0ed687bd03f0cb464612dc23408


=====================================
data/dla-needed.txt
=====================================
@@ -16,6 +16,8 @@ cairo
 enigmail
   NOTE: 20181113: depends on gnupg2 updates, see 87r2fqnja0.fsf at curie.anarc.at (anarcat)
 --
+ghostscript
+--
 libapache-mod-jk (Roberto C. Sánchez)
   NOTE: 20181123: Packages ready, testing complete, waiting on security team feedback,
   NOTE: 20181123: as this work includes an updated package for stretch.  (roberto)
@@ -52,6 +54,8 @@ php5 (Roberto C. Sánchez)
 qemu (Santiago)
   NOTE: 20181121: Call for testers: https://lists.debian.org/debian-lts/2018/11/msg00104.html
 --
+samba
+--
 salt (Mike Gabriel)
   NOTE: 20181128: Have spent 0.75h on looking for the actual commits that fixed both open CVEs.
   NOTE: 20181128: No such URLs / hints / messages in Git log found.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9711fb12f8d3298b243f64c4ec76e3fc6d7e14f1...5d41613b6c3cdffea3dddd889c57883828cfe260

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9711fb12f8d3298b243f64c4ec76e3fc6d7e14f1...5d41613b6c3cdffea3dddd889c57883828cfe260
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181128/6a5a1b2c/attachment.html>

More information about the debian-security-tracker-commits mailing list