[Git][security-tracker-team/security-tracker][master] 3 commits: add ansible to dla-needed.txt

Thorsten Alteholz alteholz at debian.org
Fri Oct 26 14:00:24 BST 2018 

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8dd7fa80 by Thorsten Alteholz at 2018-10-26T12:45:07Z
add ansible to dla-needed.txt

- - - - -
2499af6d by Thorsten Alteholz at 2018-10-26T12:46:25Z
add prayer to dla-needed.txt

- - - - -
e1915743 by Thorsten Alteholz at 2018-10-26T12:54:51Z
add libmspack to dla-needed.txt

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -9,6 +9,8 @@ To pick an issue, simply add your name behind it. To learn more about how
 this list is updated have a look at
 https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 
+--
+ansible
 --
 cairo
   NOTE: 20181024: No fix available yet.
@@ -41,6 +43,8 @@ liblivemedia (Hugo Lefeuvre)
   NOTE: CVE entry says remote: "no", but it looks like a pretty exploitable remote vulnerability
   NOTE: (remote code execution)... CVE is very well documented so I think this is worth a patch
 --
+libmspack (Thorsten Alteholz)
+--
 libspring-java (Abhijith PA)
   NOTE: 20181025: uses internal system & id to handle security issues, thus very hard chase all relevant commits. Contacted 
   NOTE: 20181025: upstream but they couldn't help either. Only way left is to mark remaining vulnerabilities as no-dsa. 
@@ -78,6 +82,9 @@ qemu (Santiago)
   NOTE: 20181026: no fix yet for recent dsa issues, but start working on
   NOTE: pending no-dsa issues
 --
+prayer
+  NOTE: 20181026: more information and patch can be found in bug #911842
+--
 salt (Antoine Beaupre)
   NOTE: 20180921: CVE-2017-7893 is not crucial since the managed system must be
   NOTE: 20180921: compromised first. But the security escalation effect can cause



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/094f19ca250112bb4ed564e8ba841312d6e03240...e1915743f0aa102d855ca6fcee65233704599777

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/094f19ca250112bb4ed564e8ba841312d6e03240...e1915743f0aa102d855ca6fcee65233704599777
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181026/7cd924c3/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list