[Git][security-tracker-team/security-tracker][master] First round of verification for 9.9 point release

Salvatore Bonaccorso carnil at debian.org
Fri Apr 26 20:52:50 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a7078af by Salvatore Bonaccorso at 2019-04-26T19:51:10Z
First round of verification for 9.9 point release

Move proposed updates which are not ACCEPTED or neither uploaded down to
the list to have a visual separation for the check.

- - - - -


1 changed file:

- data/next-point-update.txt


Changes:

=====================================
data/next-point-update.txt
=====================================
@@ -1,29 +1,3 @@
-CVE-2017-12424
-	[stretch] - shadow 1:4.4-4.1+deb9u1
-CVE-2015-9261 [busybox: pointer misuse unziping files]
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2016-2148
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2016-2147
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2011-5325
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2017-15873
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2017-16544
-	[stretch] - busybox 1:1.22.0-19+deb9u1
-CVE-2017-17840
-	[stretch] - open-iscsi 2.0.874-3~deb9u2
-CVE-2017-9527
-	[stretch] - mruby 1.2.0+20161228+git30d5424a-1+deb9u1
-CVE-2018-14779
-	[stretch] - yubico-piv-tool 1.4.2-2+deb9u1
-CVE-2018-14780
-	[stretch] - yubico-piv-tool 1.4.2-2+deb9u1
-CVE-2018-18718
-	[stretch] - gthumb 3:3.4.4.1-5+deb9u1
-CVE-2018-16336
-	[stretch] - exiv2 0.25-3.1+deb9u2
 CVE-2014-10077
 	[stretch] - ruby-i18n 0.7.0-2+deb9u1
 CVE-2018-9240
@@ -32,14 +6,10 @@ CVE-2018-1000035
 	[stretch] - unzip 6.0-21+deb9u1
 CVE-2019-8331
 	[stretch] - twitter-bootstrap3 3.3.7+dfsg-2+deb9u2
-CVE-2019-6438
-	[stretch] - slurm-llnl 16.05.9-1+deb9u3
 CVE-2018-1000872
 	[stretch] - python-pykmip 0.5.0-4+deb9u1
 CVE-2019-7443
 	[stretch] - kauth 5.28.0-2+deb9u1
-CVE-2019-7659
-	[stretch] - gsoap 2.8.35-4+deb9u2
 CVE-2018-20169
 	[stretch] - linux 4.9.161-1
 CVE-2018-19824
@@ -90,10 +60,6 @@ CVE-2016-9842
 	[stretch] - rsync 3.1.2-1+deb9u2
 CVE-2016-9841
 	[stretch] - rsync 3.1.2-1+deb9u2
-CVE-2019-8907
-	[stretch] - file 1:5.30-1+deb9u3
-CVE-2019-8905
-	[stretch] - file 1:5.30-1+deb9u3
 CVE-2018-20349
 	[stretch] - r-cran-igraph 1.0.1-1+deb9u1
 CVE-2018-5383
@@ -124,31 +90,6 @@ CVE-2018-7725
 	[stretch] - zziplib 0.13.62-3.2~deb9u1
 CVE-2018-7726
 	[stretch] - zziplib 0.13.62-3.2~deb9u1
-CVE-2019-XXXX
-	[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
-	NOTE: For #925959 (no CVE)
-CVE-2018-11806
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-12617
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-16872
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-17958
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-18849
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-18954
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-19364
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2018-19489
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2019-3812
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2019-6778
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
-CVE-2019-9824
-	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
 CVE-2019-10269
 	[stretch] - bwa 0.7.15-2+deb9u1
 CVE-2018-7752
@@ -193,3 +134,62 @@ CVE-2017-16129
 	[stretch] - node-superagent 0.20.0+dfsg-1+deb9u1
 CVE-2019-11358
 	[stretch] - jquery 3.1.1-2+deb9u1
+CVE-2017-12424
+	[stretch] - shadow 1:4.4-4.1+deb9u1
+CVE-2015-9261 [busybox: pointer misuse unziping files]
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2016-2148
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2016-2147
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2011-5325
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-15873
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-16544
+	[stretch] - busybox 1:1.22.0-19+deb9u1
+CVE-2017-17840
+	[stretch] - open-iscsi 2.0.874-3~deb9u2
+CVE-2017-9527
+	[stretch] - mruby 1.2.0+20161228+git30d5424a-1+deb9u1
+CVE-2018-14779
+	[stretch] - yubico-piv-tool 1.4.2-2+deb9u1
+CVE-2018-14780
+	[stretch] - yubico-piv-tool 1.4.2-2+deb9u1
+CVE-2018-18718
+	[stretch] - gthumb 3:3.4.4.1-5+deb9u1
+CVE-2018-16336
+	[stretch] - exiv2 0.25-3.1+deb9u2
+CVE-2019-6438
+	[stretch] - slurm-llnl 16.05.9-1+deb9u3
+CVE-2019-7659
+	[stretch] - gsoap 2.8.35-4+deb9u2
+CVE-2019-XXXX
+	[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
+	NOTE: For #925959 (no CVE)
+CVE-2018-11806
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-12617
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-16872
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-17958
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-18849
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-18954
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-19364
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2018-19489
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2019-3812
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2019-6778
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2019-9824
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u6
+CVE-2019-8907
+	[stretch] - file 1:5.30-1+deb9u3
+CVE-2019-8905
+	[stretch] - file 1:5.30-1+deb9u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a7078af952b5f6628ef0acde8bc0dec18260824

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a7078af952b5f6628ef0acde8bc0dec18260824
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190426/0e438af2/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list