[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-5736/runc as no-dsa

Salvatore Bonaccorso carnil at debian.org
Mon Mar 11 20:39:26 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dda1b49b by Salvatore Bonaccorso at 2019-03-11T20:38:07Z
Mark CVE-2019-5736/runc as no-dsa

- - - - -
d24d162e by Salvatore Bonaccorso at 2019-03-11T20:39:11Z
Merge remote-tracking branch 'origin/master'

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9532,6 +9532,7 @@ CVE-2019-8308 (Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /
 CVE-2019-5736 (runc through 1.0-rc6, as used in Docker before 18.09.2 and other ...)
 	- lxc 1:3.1.0+really3.0.3-4 (bug #922169; unimportant)
 	- runc 1.0.0~rc6+dfsg1-2 (bug #922050)
+	[stretch] - runc <no-dsa> (Minor issue; no higher level users of runc in stretch; Can be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/02/11/2
 	NOTE: runc: Fixed by: https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
 	NOTE: lxc: Fixed by: https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d


=====================================
data/dsa-needed.txt
=====================================
@@ -48,8 +48,6 @@ openjdk-8 (jmm)
 --
 passenger
 --
-runc
---
 simplesamlphp
 --
 smarty3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/783fa4a6ad56c09e47f1d36ba34fe438a6728fb9...d24d162e6a98ef06746fb5a337a6cecfdb039eca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/783fa4a6ad56c09e47f1d36ba34fe438a6728fb9...d24d162e6a98ef06746fb5a337a6cecfdb039eca
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190311/a804a06d/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list