[Git][security-tracker-team/security-tracker][master] 2 commits: dla: poppler already triaged no-dsa for jessie

[Emilio Pozuelo Monfort]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d4a0193 by Emilio Pozuelo Monfort at 2019-01-19T12:46:27Z
dla: poppler already triaged no-dsa for jessie

- - - - -
68e99472 by Emilio Pozuelo Monfort at 2019-01-19T12:48:06Z
dla: add note for policykit-1

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -96,11 +96,7 @@ polarssl
   NOTE: 20121207: Not 100% sure if vulnerable. Upstream would prefer us to move to latest version, etc. (!). (lamby)
 --
 policykit-1 (Emilio)
-  NOTE: 20181207: jessie vulnerable to CVE-2018-19788? unable to reproduce systemctl poc (Santiago)
-  NOTE: 20181230: needs source code analysis
---
-poppler
-  NOTE: 20190116: CVE-2018-20650 is easy to fix, not yet triage for stretch, probably no-dsa
+  NOTE: 20190119: fix for CVE-2018-19788 not fully functional, investigating complete fix
 --
 python3.4 (Brian May)
   NOTE: 20181225: The update should include also the postponed and no-dsa



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/642cad9a3a7f18dc404ff254d394d807236cbff7...68e9947213bbc6082864c0601da3149d7526663f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/642cad9a3a7f18dc404ff254d394d807236cbff7...68e9947213bbc6082864c0601da3149d7526663f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190119/8c6cfa04/attachment.html>