[Git][security-tracker-team/security-tracker][master] python postponed

Moritz Muehlenhoff jmm at debian.org
Wed Jan 16 19:20:40 GMT 2019 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3090a48a by Moritz Muehlenhoff at 2019-01-16T19:20:07Z
python postponed
nasm unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -347,11 +347,13 @@ CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka .
 	[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/jbeder/yaml-cpp/issues/657
 CVE-2019-6291 (An issue was discovered in the function expr6 in eval.c in Netwide ...)
-	- nasm <unfixed>
+	- nasm <unfixed> (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392549
+	NOTE: Crash in CLI tool, no security impact
 CVE-2019-6290 (An infinite recursion issue was discovered in eval.c in Netwide ...)
-	- nasm <unfixed>
+	- nasm <unfixed> (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392548
+	NOTE: Crash in CLI tool, no security impact
 CVE-2019-6289 (uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows ...)
 	NOT-FOR-US: DedeCMS
 CVE-2019-6288
@@ -3165,8 +3167,10 @@ CVE-2019-5010 [NULL pointer dereference using a specially crafted X509 certifica
 	- python3.7 <unfixed>
 	- python3.6 <unfixed>
 	- python3.5 <removed>
+	[stretch] - python3.5 <postponed> (Minor issue, can be fixed along in a future DSA)
 	- python3.4 <removed>
 	- python2.7 <unfixed>
+	[stretch] - python2.7 <postponed> (Minor issue, can be fixed along in a future DSA)
 	NOTE: https://bugs.python.org/issue35746
 	NOTE: https://github.com/python/cpython/pull/11569
 	NOTE: https://github.com/python/cpython/commit/be5de958e9052e322b0087c6dba81cdad0c3e031 (3.7.x)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3090a48a5ca791103c65f4fb498a88ba265bb930

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3090a48a5ca791103c65f4fb498a88ba265bb930
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190116/54b1de80/attachment.html>

More information about the debian-security-tracker-commits mailing list