[Git][security-tracker-team/security-tracker][master] LTS/Annotate CVE-2019-13917/exim4 as not affecting jessie; remove entry from dla-needed.txt

Roberto C. Sánchez roberto at debian.org
Fri Jul 26 14:15:38 BST 2019 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c9fa585 by Roberto C. Sánchez at 2019-07-26T13:15:18Z
LTS/Annotate CVE-2019-13917/exim4 as not affecting jessie; remove entry from dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -758,6 +758,7 @@ CVE-2019-13918
 CVE-2019-13917 (Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution  ...)
 	{DSA-4488-1}
 	- exim4 4.92-10
+	[jessie] - exim4 <not-affected> (Vulnerable code confirmed as introduced in version 4.85)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/07/22/3
 	NOTE: https://www.exim.org/static/doc/security/CVE-2019-13917.txt
 	NOTE: https://git.exim.org/exim.git/commit/21aa05977abff1eaa69bb97ef99080220915f7c0


=====================================
data/dla-needed.txt
=====================================
@@ -13,9 +13,6 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 cfengine3
   NOTE: 20190628: likely not affected by CVE-2019-9929, but other not-yet-CVE'ed issues ahead
 --
-exim4 (Roberto C. Sánchez)
-  NOTE: Jessie probably affected, no details published yet
---
 faad2 (Hugo Lefeuvre)
   NOTE: 20190519: I have a few patches pending for open issues. Will be PR-ed soon.
   NOTE: 20190525: see https://github.com/knik0/faad2/pull/36



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c9fa585b1c9b00a1155759e2d96bc4b7d9d718a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c9fa585b1c9b00a1155759e2d96bc4b7d9d718a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190726/93b64078/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list