[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
jmm at debian.org
Tue Feb 19 21:17:00 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a9d86c13 by Moritz Muehlenhoff at 2019-02-19T21:16:37Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3231,8 +3231,9 @@ CVE-2019-7444
CVE-2019-7443 [Insecure handling of arguments in helpers]
RESERVED
- kauth 5.54.0-2 (bug #921995)
- [stretch] - kauth <no-dsa> (Minor issue)
+ [stretch] - kauth <no-dsa> (Minor issue, will be fixed in a point release)
- kde4libs <unfixed>
+ [stretch] - kde4libs <no-dsa> (Minor issue)
NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a
CVE-2019-7442
@@ -29300,6 +29301,7 @@ CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack w
NOTE: nettle version.
CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before version ...)
- qemu 1:3.1+dfsg-1 (bug #915884)
+ [stretch] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00390.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 (master)
=====================================
data/dsa-needed.txt
=====================================
@@ -28,6 +28,9 @@ graphicsmagick
libidn
santiago proposed debdiffs for jessie and stretch
--
+libpng1.6
+ wait for final patch
+--
libspring-java
--
linux
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190219/1fcd40e8/attachment.html>
More information about the debian-security-tracker-commits
mailing list