[Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Drop errant parens.

Wed Feb 6 10:55:10 GMT 2019

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
636f8421 by Chris Lamb at 2019-02-06T10:35:14Z
data/dla-needed.txt: Drop errant parens.

- - - - -
47dce753 by Chris Lamb at 2019-02-06T10:52:23Z
data/dla-needed.txt: Correct ordering

- - - - -
b78664e3 by Chris Lamb at 2019-02-06T10:52:31Z
data/dla-needed.txt: Claim golang.

- - - - -
3cdc6efc by Chris Lamb at 2019-02-06T10:52:49Z
data/dla-needed.txt: Claim dovecot.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -17,7 +17,7 @@ ceph
 --
 coturn (Emilio)
 --
-dovecot
+dovecot (Chris Lamb)
 --
 drupal7
   NOTE: 20190203: For CVE-2019-6339 CVE-2018-1000888 in php-pear need a fix. I have uploaded drupal7 before.
@@ -62,7 +62,7 @@ ghostscript (Emilio)
 --
 gnutls28
 --
-golang
+golang (Chris Lamb)
 --
 imagemagick
   NOTE: 20181227: We should address the many open issues in imagemagick either
@@ -91,7 +91,7 @@ libraw (Abhijith PA)
 libreoffice
 --
 libsolv
-  NOTE: 20191027: maintainer is Mike Gabriel)
+  NOTE: 20191027: maintainer is Mike Gabriel
 --
 libthrift-java (Markus Koschany)
 --
@@ -118,11 +118,11 @@ openjdk-7
 --
 openssh (Mike Gabriel)
 --
-php5 (Roberto C. Sánchez)
---
 php-pear
   NOTE: 20190203: CVE-2018-1000888 needed for drupal7. I will look into this after libraw. (abhijith)
 --
+php5 (Roberto C. Sánchez)
+--
 phpmyadmin
   NOTE: CVE-2019-6798: SQL injection is serious but if you have been able to login as a crafted user
   NOTE: CVE-2019-6798: that is a more serious problem. The fix is simple so it can still be worth fixing
@@ -131,24 +131,22 @@ phpmyadmin
 polarssl
   NOTE: 20121207: Not 100% sure if vulnerable. Upstream would prefer us to move to latest version, etc. (!). (lamby)
 --
-python3.4 (Brian May)
-  NOTE: 20181225: The update should include also the postponed and no-dsa
-  NOTE: issues which were already fixed by us in Wheezy. (apo)
-  NOTE: 20190120: Have patched all known vulnerabilies, now testing.
---
 python-gnupg
   NOTE: 20190201: Bug can be reproduced on Buster/Sid with Jessie's version of
   NOTE: python-gnupg. Reproducer will not work in Jessie environment because of
   NOTE: older python version. (apo)
 --
+python3.4 (Brian May)
+  NOTE: 20181225: The update should include also the postponed and no-dsa
+  NOTE: issues which were already fixed by us in Wheezy. (apo)
+  NOTE: 20190120: Have patched all known vulnerabilies, now testing.
+--
 qemu (Hugo Lefeuvre)
   NOTE: CVE-2018-19665: working on a highly trimmed down version of upstream patch
   NOTE: CVE-2018-19665: also, current patch will not be merged by upstream, wait for updated version
   NOTE: CVE-2018-19665: see https://lists.debian.org/debian-lts/2019/01/msg00073.html
   NOTE: 20190129: working on a second upload addressing latest cves
 --
-uriparser (Thorsten Alteholz)
---
 rdesktop (Emilio)
 --
 sox
@@ -173,6 +171,8 @@ tiff
   NOTE: CVE-2018-18661: Not possible to prove it fixes the specified vulnerability.
   NOTE: CVE-2018-18661: See thread starting at https://lists.debian.org/debian-lts/2018/11/msg00033.html
 --
+uriparser (Thorsten Alteholz)
+--
 uw-imap (Roberto C. Sánchez)
   NOTE: 20190128: Still on hold pending response from maintainer, c.f. #914632 (roberto)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e97028fba9694bed83f697347d9d1a03f0f30410...3cdc6efcbb10ba748db237b9b1e53dc45b664914

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e97028fba9694bed83f697347d9d1a03f0f30410...3cdc6efcbb10ba748db237b9b1e53dc45b664914
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190206/f097ba5f/attachment-0001.html>
