[Git][security-tracker-team/security-tracker][master] dla-needed: update tika entry
Hugo Lefeuvre
hle at debian.org
Tue Aug 13 09:16:21 BST 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d4223e1a by Hugo Lefeuvre at 2019-08-13T08:15:55Z
dla-needed: update tika entry
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -132,11 +132,8 @@ subversion
NOTE: 20190804: For (at least) CVE-2018-11782 the svn_err_trace that is in the diff has not been added yet. (lamby)
--
tika (Hugo Lefeuvre)
- NOTE: probable fix for all three vulnerabilities:
- NOTE: https://github.com/apache/tika/commit/426be73b9e7500fa3d441231fa4e473de34743f6
- NOTE: contacted tika developers to get confirmation:
- NOTE: https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E
- NOTE: 20190810: got answer privately, they should be able to confirm next week
+ NOTE: 20190813: found commit links and reproducers.
+ NOTE: currently having difficulties to reproduce issues. Asked maintainer for help (c.f. debian-lts ML)
--
tomcat8 (Sylvain Beucler)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4223e1a2c8d7605817f571abe01d9d1e0dd52e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4223e1a2c8d7605817f571abe01d9d1e0dd52e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190813/f4062c52/attachment.html>
More information about the debian-security-tracker-commits
mailing list