[Git][security-tracker-team/security-tracker][master] LTS/python2.7, python3.4, python-urllib3 status update

Roberto C. Sánchez roberto at debian.org
Fri Mar 22 02:06:42 GMT 2019 

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cec43636 by Roberto C. Sánchez at 2019-03-22T02:05:55Z
LTS/python2.7, python3.4, python-urllib3 status update

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -36,8 +36,7 @@ imagemagick (Roberto C. Sánchez)
   NOTE: by patching them separetely as we did in Wheezy or by updating to a
   NOTE: new upstream version like the security team did with Graphicsmagick in
   NOTE: Stretch. (apo)
-  NOTE: Performed preliminary backport build (positive result), and sent inquiry
-  NOTE: to security team requesting guidance on how to proceed. (roberto)
+  NOTE: 20190321: Still waiting on security team response to inquiries from (apo) and (roberto)
 --
 libav
   NOTE: 20190131: Re-added after ~deb8u5 upload. Still not done, yet.
@@ -89,11 +88,15 @@ poppler
   NOTE: Fix available for CVE-2019-9631. Not so for CVE-2019-9543 nor CVE-2019-9545.
 --
 python-urllib3 (Roberto C. Sánchez)
-  NOTE: same issue as currenly affects python3.4/python2.7
+  NOTE: 20190321: Waiting on upstream action for CVE-2019-9740 (roberto)
 --
 python2.7 (Roberto C. Sánchez)
+  NOTE: 20190321: Patches integrated for CVE-2018-14647, CVE-2019-5010, and CVE-2019-9636
+  NOTE: 20190321: Waiting on upstream action for CVE-2019-9740 (roberto)
 --
 python3.4 (Roberto C. Sánchez)
+  NOTE: 20190321: Patches integrated for CVE-2018-14647 and CVE-2019-9636
+  NOTE: 20190321: Waiting on upstream action for CVE-2019-9740 (roberto)
 --
 qemu
   NOTE: CVE-2018-19665: wait for final patch



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec436360f74f77def890fec518c32381a56c236

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cec436360f74f77def890fec518c32381a56c236
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190322/437946ce/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list