[Git][security-tracker-team/security-tracker][master] tomcat8, debian-lan-config, openssl1.0 DSAs
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 27 21:47:48 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8701dcc by Moritz Muehlenhoff at 2019-12-27T21:47:20Z
tomcat8, debian-lan-config, openssl1.0 DSAs
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -95586,7 +95586,6 @@ CVE-2018-8014 (The defaults settings for the CORS filter provided in Apache Tomc
{DLA-1883-1 DLA-1400-1}
- tomcat9 <not-affected> (Fixed before initial upload to Debian)
- tomcat8 8.5.32-1 (bug #898935)
- [stretch] - tomcat8 <no-dsa> (Minor issue; user expected to configure filters appropriately)
- tomcat8.0 <removed> (unimportant)
NOTE: tomcat8.0 builds only tomcat8.0-user and libtomcat8.0-java
- tomcat7 7.0.72-3
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,12 @@
+[27 Dec 2019] DSA-4596-1 tomcat8 - security update
+ {CVE-2018-8014 CVE-2018-11784 CVE-2019-0199 CVE-2019-0221 CVE-2019-12418 CVE-2019-17563}
+ [stretch] - tomcat8 8.5.50-0+deb9u1
+[27 Dec 2019] DSA-4595-1 debian-lan-config - security update
+ [stretch] - debian-lan-config 0.23+deb9u1
+ [buster] - debian-lan-config 0.25+deb10u1
+[27 Dec 2019] DSA-4594-1 openssl1.0 - security update
+ {CVE-2019-1551}
+ [stretch] - openssl1.0 1.0.2u-1~deb9u1
[27 Dec 2019] DSA-4593-1 freeimage - security update
{CVE-2019-12211 CVE-2019-12213}
[stretch] - freeimage 3.17.0+ds1-5+deb9u1
=====================================
data/dsa-needed.txt
=====================================
@@ -21,9 +21,6 @@ chromium
--
curl (ghedo)
--
-debian-lan-config
- Maintainer preparing updates
---
evince/oldstable
--
glusterfs/oldstable
@@ -44,9 +41,6 @@ nodejs
nss/oldstable (jmm)
Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508
--
-openssl1.0/oldstable (jmm)
- Update done by maintainer
---
poppler (jmm)
--
python3.5 (jmm)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b8701dcc80374161d5639f782d9d8f5c3df7925c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b8701dcc80374161d5639f782d9d8f5c3df7925c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191227/bac0062a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list