[Git][security-tracker-team/security-tracker][master] Reserve DLA-1555-1 for libmspack

Fri Oct 26 21:55:42 BST 2018

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2db21d3 by Thorsten Alteholz at 2018-10-26T20:50:07Z
Reserve DLA-1555-1 for libmspack

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Oct 2018] DLA-1555-1 libmspack - security update
+	{CVE-2018-18584 CVE-2018-18585}
+	[jessie] - libmspack 0.5-1+deb8u3
 [25 Oct 2018] DLA-1554-2 389-ds-base - regression update
 	[jessie] - 389-ds-base 1.3.3.5-4+deb8u5
 [25 Oct 2018] DLA-1554-1 389-ds-base - security update


=====================================
data/dla-needed.txt
=====================================
@@ -43,8 +43,6 @@ liblivemedia (Hugo Lefeuvre)
   NOTE: CVE entry says remote: "no", but it looks like a pretty exploitable remote vulnerability
   NOTE: (remote code execution)... CVE is very well documented so I think this is worth a patch
 --
-libmspack (Thorsten Alteholz)
---
 libspring-java (Abhijith PA)
   NOTE: 20181025: uses internal system & id to handle security issues, thus very hard chase all relevant commits. Contacted 
   NOTE: 20181025: upstream but they couldn't help either. Only way left is to mark remaining vulnerabilities as no-dsa. 



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2db21d3fa7e949207ce24b9dfda4192f7bdd9c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2db21d3fa7e949207ce24b9dfda4192f7bdd9c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181026/bc019aef/attachment-0001.html>
