[Git][security-tracker-team/security-tracker][master] tomcat8, debian-lan-config, openssl1.0 DSAs

Moritz Muehlenhoff jmm at debian.org
Fri Dec 27 21:47:48 GMT 2019



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b8701dcc by Moritz Muehlenhoff at 2019-12-27T21:47:20Z
tomcat8, debian-lan-config, openssl1.0 DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -95586,7 +95586,6 @@ CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache Tomc
 	{DLA-1883-1 DLA-1400-1}
 	- tomcat9 <not-affected> (Fixed before initial upload to Debian)
 	- tomcat8 8.5.32-1 (bug #898935)
-	[stretch] - tomcat8 <no-dsa> (Minor issue; user expected to configure filters appropriately)
 	- tomcat8.0 <removed> (unimportant)
 	NOTE: tomcat8.0 builds only tomcat8.0-user and libtomcat8.0-java
 	- tomcat7 7.0.72-3


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,12 @@
+[27 Dec 2019] DSA-4596-1 tomcat8 - security update
+	{CVE-2018-8014 CVE-2018-11784 CVE-2019-0199 CVE-2019-0221 CVE-2019-12418 CVE-2019-17563}
+	[stretch] - tomcat8 8.5.50-0+deb9u1
+[27 Dec 2019] DSA-4595-1 debian-lan-config - security update
+	[stretch] - debian-lan-config 0.23+deb9u1
+	[buster] - debian-lan-config 0.25+deb10u1
+[27 Dec 2019] DSA-4594-1 openssl1.0 - security update
+	{CVE-2019-1551}
+	[stretch] - openssl1.0 1.0.2u-1~deb9u1
 [27 Dec 2019] DSA-4593-1 freeimage - security update
 	{CVE-2019-12211 CVE-2019-12213}
 	[stretch] - freeimage 3.17.0+ds1-5+deb9u1


=====================================
data/dsa-needed.txt
=====================================
@@ -21,9 +21,6 @@ chromium
 --
 curl (ghedo)
 --
-debian-lan-config
-  Maintainer preparing updates
---
 evince/oldstable
 --
 glusterfs/oldstable
@@ -44,9 +41,6 @@ nodejs
 nss/oldstable (jmm)
   Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508
 --
-openssl1.0/oldstable (jmm)
-  Update done by maintainer
---
 poppler (jmm)
 --
 python3.5 (jmm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b8701dcc80374161d5639f782d9d8f5c3df7925c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b8701dcc80374161d5639f782d9d8f5c3df7925c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191227/bac0062a/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list