[Git][security-tracker-team/security-tracker][master] Triage CVE-2018-18655 (prayer) for jessie LTS.

[Chris Lamb]

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e92b6dc5 by Chris Lamb at 2018-10-28T15:33:56Z
Triage CVE-2018-18655 (prayer) for jessie LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -216,6 +216,7 @@ CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup Ap
 CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a user's ...)
 	- prayer 1.3.5-dfsg1-5 (low; bug #911842)
 	[stretch] - prayer <no-dsa> (Minor issue)
+	[jessie] - prayer <no-dsa> (Minor issue)
 CVE-2018-18654 (Crossroads 2.81 does not properly handle the /tmp directory during a ...)
 	- crossroads <unfixed> (unimportant; bug #911877)
 	NOTE: Issue exploitable only during build of package


=====================================
data/dla-needed.txt
=====================================
@@ -73,9 +73,6 @@ poppler (Mike Gabriel)
   NOTE: 20180928: Consider fixing no-dsa/ignored bugs as well since this is
   NOTE: 20180928: frequently used package.
 --
-prayer (Chris Lamb)
-  NOTE: 20181026: more information and patch can be found in bug #911842 (thorsten)
---
 qemu (Santiago)
   NOTE: 20181026: no fix yet for recent dsa issues, but start working on
   NOTE: pending no-dsa issues



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e92b6dc5ea96796fe5f8f99d5989bc2d3978507d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e92b6dc5ea96796fe5f8f99d5989bc2d3978507d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181028/967caeb8/attachment.html>