[Git][security-tracker-team/security-tracker][master] 2 commits: Add libclamunrar to dla-needed.txt (tentatively)

Markus Koschany apo at debian.org
Sun Mar 31 14:47:36 BST 2019 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c32baa6 by Markus Koschany at 2019-03-31T13:47:22Z
Add libclamunrar to dla-needed.txt (tentatively)

- - - - -
f88593c3 by Markus Koschany at 2019-03-31T13:47:23Z
Mark hoteldruid issues in Jessie as no-dsa.

Low popcon and not used by any sponsor. Contacted maintainer and asked if he
would like to prepare an update.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4403,15 +4403,19 @@ CVE-2019-9088
 CVE-2019-9087
 	RESERVED
 	- hoteldruid 2.3.2-1
+	[jessie] - hoteldruid <no-dsa> (low popcon, not used by any sponsor)
 CVE-2019-9086
 	RESERVED
 	- hoteldruid 2.3.2-1
+	[jessie] - hoteldruid <no-dsa> (low popcon, not used by any sponsor)
 CVE-2019-9085
 	RESERVED
 	- hoteldruid 2.3.2-1
+	[jessie] - hoteldruid <no-dsa> (low popcon, not used by any sponsor)
 CVE-2019-9084
 	RESERVED
 	- hoteldruid 2.3.2-1
+	[jessie] - hoteldruid <no-dsa> (low popcon, not used by any sponsor)
 CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanage ...)
 	NOT-FOR-US: SQLiteManager
 CVE-2018-20795 (tecrail Responsive FileManager 9.13.4 allows remote attackers to read  ...)


=====================================
data/dla-needed.txt
=====================================
@@ -46,6 +46,10 @@ imagemagick (Roberto C. Sánchez)
 --
 jruby (Abhijith PA)
 --
+libclamunrar
+  NOTE: 20190331: Package is non-free and not used by sponsors but maybe it can be fixed
+  NOTE: nonetheless together with clamav? (apo)
+--
 libdatetime-timezone-perl (Emilio)
 --
 liblivemedia



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3b6f533af8c35cc17108ff586177b3ff1325e333...f88593c34b96d0eaefabe9bca1686c409ebf99e9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3b6f533af8c35cc17108ff586177b3ff1325e333...f88593c34b96d0eaefabe9bca1686c409ebf99e9
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190331/58cb3124/attachment.html>

More information about the debian-security-tracker-commits mailing list