[Git][security-tracker-team/security-tracker][master] dla-needed: take imagemagick, update notes

Hugo Lefeuvre hle at debian.org
Fri Dec 27 14:33:32 GMT 2019 


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff5fa5f8 by Hugo Lefeuvre at 2019-12-27T14:32:37Z
dla-needed: take imagemagick, update notes

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -20,7 +20,7 @@ apache-log4j1.2 (Chris Lamb)
   NOTE: 20191221: as recommended for oldstable by the secteam. (sunweaver)
 --
 clamav (Hugo Lefeuvre)
-  NOTE: 20191216: waiting for 0.102.1 to enter stretch/buster.
+  NOTE: 20191227: waiting for 0.102.1 to enter stretch/buster.
 --
 git (Roberto C. Sánchez)
   NOTE: 20191226: Patches integrated for 4 of 5 CVEs.  The last, CVE-2019-1387,
@@ -31,7 +31,7 @@ ibus (Emilio)
   NOTE: 20191210: See https://bugs.debian.org/941018
   NOTE: 20191210: See https://gitlab.gnome.org/GNOME/glib/merge_requests/1176
 --
-imagemagick
+imagemagick (Hugo Lefeuvre)
 --
 intel-microcode (Markus Koschany)
   NOTE: 20191218: Should be based on DSA-4565-2
@@ -90,7 +90,7 @@ otrs2 (Abhijith PA)
 php5 (Thorsten Alteholz)
 --
 python-reportlab (Hugo Lefeuvre)
-  NOTE: 20191209: still no upstream fix
+  NOTE: 20191227: still no upstream fix
 --
 radare2
   NOTE: 20190816: Affected by CVE-2019-14745. Vulnerable code is in
@@ -138,6 +138,7 @@ x2goclient (Mike Gabriel)
   NOTE: 20191221: https://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=ce559d1
 --
 xcftools (Hugo Lefeuvre)
+  NOTE: wrote a patch + reproducer for CVE-2019-5086, waiting for review.
 --
 xen
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff5fa5f80d6d99c71f6e3bebc92366eb90a16c4c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff5fa5f80d6d99c71f6e3bebc92366eb90a16c4c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191227/d1e593b7/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list