[Git][security-tracker-team/security-tracker][master] take firefox
Moritz Muehlenhoff
jmm at debian.org
Sun Mar 24 11:02:19 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06a07340 by Moritz Muehlenhoff at 2019-03-24T11:01:44Z
take firefox
qemu update
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1018,6 +1018,7 @@ CVE-2019-9824
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg01871.html
NOTE: https://www.openwall.com/lists/oss-security/2019/03/18/1
+ NOTE: https://github.com/qemu/qemu/commit/d3222975c7d6cda9e25809dea05241188457b113
CVE-2019-9823
RESERVED
CVE-2019-9822
@@ -3429,8 +3430,9 @@ CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet]
NOTE: Relates/corresponds to https://gitlab.com/NTPsec/ntpsec/issues/509 for ntpsec
NOTE: which has a separate CVE id CVE-2019-6445 specifically for src:ntpsec
CVE-2019-8934 (hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure becau ...)
- - qemu <unfixed> (bug #922923)
+ - qemu <unfixed> (low; bug #922923)
[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)
+ [stretch] - qemu <ignored> (Too intrusive to backport, marginal impact)
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html
CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ di ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -20,7 +20,7 @@ evolution
faad2
not yet fixed upstream
--
-firefox-esr
+firefox-esr (jmm)
--
glusterfs
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a07340b3364be7b8be0080efccdbb853f6e5ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a07340b3364be7b8be0080efccdbb853f6e5ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190324/cfaefb22/attachment.html>
More information about the debian-security-tracker-commits
mailing list