[Git][security-tracker-team/security-tracker][master] Reserve DSA number for apache2 update

Salvatore Bonaccorso carnil at debian.org
Mon Aug 26 20:34:41 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ee67ebf by Salvatore Bonaccorso at 2019-08-26T19:34:12Z
Reserve DSA number for apache2 update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -16044,6 +16044,7 @@ CVE-2019-10098 [mod_rewrite configurations vulnerable to open redirect]
 CVE-2019-10097 [mod_remoteip stack buffer overflow and NULL pointer dereference]
 	RESERVED
 	- apache2 2.4.41-1
+	[buster] - apache2 2.4.38-3+deb10u1
 	[stretch] - apache2 <not-affected> (PROXY protocol support in mod_remoteip added later)
 	[jessie] - apache2 <not-affected> (PROXY protocol support in mod_remoteip added later)
 	NOTE: Affects upstream versions 2.4.32 to 2.4.39


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[26 Aug 2019] DSA-4509-1 apache2 - security update
+	{CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10098}
+	[stretch] - apache2 2.4.25-3+deb9u8
+	[buster] - apache2 2.4.38-3+deb10u1
 [24 Aug 2019] DSA-4508-1 h2o - security update
 	{CVE-2019-9512 CVE-2019-9514 CVE-2019-9515}
 	[buster] - h2o 2.2.5+dfsg2-2+deb10u1


=====================================
data/dsa-needed.txt
=====================================
@@ -15,8 +15,6 @@ If needed, specify the release by adding a slash after the name of the source pa
 389-ds-base (fw)
   Thorsten Alteholz proposed an update
 --
-apache2 (carnil)
---
 evince/oldstable
 --
 faad2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ee67ebf0ef0002c7925e19259848474a7e5706f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ee67ebf0ef0002c7925e19259848474a7e5706f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190826/b4b554ce/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list