[Git][security-tracker-team/security-tracker][master] 4 commits: follow security team with ignored CVEs for binutil

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
893550fa by Thorsten Alteholz at 2018-10-24T13:47:21Z
follow security team with ignored CVEs for binutil

- - - - -
41f09ad0 by Thorsten Alteholz at 2018-10-24T13:47:57Z
claim tiff

- - - - -
7056598c by Thorsten Alteholz at 2018-10-24T13:52:40Z
add xen to dla-needed.txt

- - - - -
40f59cca by Thorsten Alteholz at 2018-10-24T13:56:33Z
fix typo, the package is named drupal7

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -49,16 +49,19 @@ CVE-2018-18608 (DedeCMS 5.7 SP2 allows XSS via the function named GetPageList de
 CVE-2018-18607 (An issue was discovered in elf_link_input_bfd in elflink.c in the ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23805
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a
 CVE-2018-18606 (An issue was discovered in the merge_strings function in merge.c in the ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23806
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc
 CVE-2018-18605 (A heap-based buffer over-read issue was discovered in the function ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23804
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61
 CVE-2018-18604
@@ -390,13 +393,13 @@ CVE-2018-18462
 CVE-2018-XXXX [Injection in DefaultMailSystem::mail()]
 	- drupal7 <removed> (bug #911337)
 	[stretch] - drupal7 7.52-2+deb9u5
-	[jessie] - drupal 7.32-1+deb8u13
+	[jessie] - drupal7 7.32-1+deb8u13
 	NOTE: https://www.drupal.org/sa-core-2018-006
 	NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
 CVE-2018-XXXX [External URL injection through URL aliases]
 	- drupal7 <removed> (bug #911336)
 	[stretch] - drupal7 7.52-2+deb9u5
-	[jessie] - drupal 7.32-1+deb8u13
+	[jessie] - drupal7 7.32-1+deb8u13
 	NOTE: https://www.drupal.org/sa-core-2018-006
 	NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
 CVE-2018-18461 (The Arigato Autoresponder and Newsletter (aka bft-autoresponder) ...)


=====================================
data/dla-needed.txt
=====================================
@@ -87,3 +87,7 @@ symfony (Thorsten Alteholz)
 --
 thunderbird (Emilio Pozuelo)
 --
+tiff (Thorsten Alteholz)
+--
+xen
+--



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/81533b119a0f3a0e0bf3a2d08de5843cfa9fcac5...40f59cca587af4953cc520724a23889674c77f39

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/81533b119a0f3a0e0bf3a2d08de5843cfa9fcac5...40f59cca587af4953cc520724a23889674c77f39
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181024/fbc04469/attachment.html>