[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-1010083 as no-dsa for Jessie
Thorsten Alteholz
alteholz at debian.org
Sun Aug 25 21:45:27 BST 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d81751f7 by Thorsten Alteholz at 2019-08-25T20:34:09Z
mark CVE-2019-1010083 as no-dsa for Jessie
- - - - -
face3b5e by Thorsten Alteholz at 2019-08-25T20:34:54Z
add libextractor
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -17087,6 +17087,7 @@ CVE-2019-1010084 (Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: In
CVE-2019-1010083 (The Pallets Project Flask before 1.0 is affected by: unexpected memory ...)
- flask 1.0.2-1
[stretch] - flask <no-dsa> (Minor issue)
+ [jessie] - flask <no-dsa> (Minor issue)
NOTE: https://www.palletsprojects.com/blog/flask-1-0-released/
NOTE: https://github.com/pallets/flask/pull/2691/commits/ab4142215d836b0298fc47fa1e4b75408b9c37a0
NOTE: After communication with MITRE, this CVE *might* overlap CVE-2018-1000656.
=====================================
data/dla-needed.txt
=====================================
@@ -59,6 +59,8 @@ libav
--
libcrypto++
--
+libextractor (Thorsten Alteholz)
+--
libmatio (Adrian Bunk)
NOTE: fairly high number of open issues. Not sure why we never had a look at them.
NOTE: triage work needed, help security team for fixes if needed.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/620c381b7da13025a9e2ed788ff0046e033674d3...face3b5e1c010820dbe1cc4c38546e84b2369710
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/620c381b7da13025a9e2ed788ff0046e033674d3...face3b5e1c010820dbe1cc4c38546e84b2369710
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190825/83f54ebe/attachment.html>
More information about the debian-security-tracker-commits
mailing list