[Git][security-tracker-team/security-tracker][master] 3 commits: add mupdf to dla-needed.txt

Sun Oct 28 15:57:22 GMT 2018

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bdba3990 by Thorsten Alteholz at 2018-10-28T15:48:38Z
add mupdf to dla-needed.txt

- - - - -
2816af40 by Thorsten Alteholz at 2018-10-28T15:49:45Z
follow security team for CVE-2018-18700 and CVE-2018-18701 in Jessie

- - - - -
3fa1d540 by Thorsten Alteholz at 2018-10-28T15:50:53Z
mark CVE-2018-15687 as not-affected for Jessie

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -109,10 +109,12 @@ CVE-2018-18702 (spider.admincp.php in iCMS v7.0.11 allows SQL injection via ...)
 CVE-2018-18701 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675
 CVE-2018-18700 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681
 CVE-2018-18699 (An issue was discovered in GoPro gpmf-parser 1.2.1. There is an ...)
 	NOT-FOR-US: GoPro gpmf-parser
@@ -7531,6 +7533,7 @@ CVE-2018-15688 (A buffer overflow vulnerability in the dhcp6 client of systemd a
 CVE-2018-15687 (A race condition in chown_one() of systemd allows an attacker to cause ...)
 	- systemd 239-11 (bug #912007)
 	[stretch] - systemd <not-affected> (Vulnerable code introduced later in v235)
+	[jessie] - systemd <not-affected> (Vulnerable code introduced later in v235)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1689
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796692
 	NOTE: https://github.com/systemd/systemd/pull/10517


=====================================
data/dla-needed.txt
=====================================
@@ -53,6 +53,8 @@ linux-4.9 (Ben Hutchings)
 --
 mono (Markus Koschany)
 --
+mupdf
+--
 mysql-5.5 (Emilio Pozuelo)
 --
 nsis



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bc2ff714e6d1792a7c4bc807371cb0bff5e7cc4f...3fa1d540deebc7da04a40b122a5676ce2feb71b4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bc2ff714e6d1792a7c4bc807371cb0bff5e7cc4f...3fa1d540deebc7da04a40b122a5676ce2feb71b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181028/db76adb8/attachment-0001.html>
