[Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2019-9892/otrs2 as no-dsa for stretch

Salvatore Bonaccorso carnil at debian.org
Sun May 5 15:55:06 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1b80ddcc by Salvatore Bonaccorso at 2019-05-05T14:49:58Z
Mark CVE-2019-9892/otrs2 as no-dsa for stretch

- - - - -
ad13d5b4 by Salvatore Bonaccorso at 2019-05-05T14:50:47Z
Mark CVE-2019-10067/otrs2 as no-dsa for stretch

- - - - -
e4ca9928 by Salvatore Bonaccorso at 2019-05-05T14:54:35Z
Update status for CVE-2019-10066/otrs2 in stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4070,6 +4070,7 @@ CVE-2019-10067 [OSA-2019-05]
 	RESERVED
 	- otrs2 6.0.18-1
 	[buster] - otrs2 6.0.16-2
+	[stretch] - otrs2 <no-dsa> (Non-free not supported)
 	[jessie] - otrs2 <not-affected> (vulnerable code is not present)
 	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/8a489236336ddc82e745c27abb32dfa1ceefb0f4
 	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/67158d8b08309859572c795982ecc7c52484ab0e
@@ -4078,6 +4079,7 @@ CVE-2019-10066 [OSA-2019-06]
 	RESERVED
 	- otrs2 6.0.18-1
 	[buster] - otrs2 6.0.16-2
+	[stretch] - otrs2 <not-affected> (Vulnerable code introduced later)
 	[jessie] - otrs2 <not-affected> (vulnerable code is not present)
 	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/b99cad21f2dd1c2d52299424a589b0b2f20d7ba8
 	NOTE: https://community.otrs.com/security-advisory-2019-06-security-update-for-otrs-framework/
@@ -4510,6 +4512,7 @@ CVE-2019-9892 [OSA-2019-04]
 	{DLA-1774-1}
 	- otrs2 6.0.18-1
 	[buster] - otrs2 6.0.16-2
+	[stretch] - otrs2 <no-dsa> (Non-free not supported)
 	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/3617488c6c28e06203e4127c7b031140f775a685
 	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/c3b9342a85c6f2c9382e074ad9cc440ce80a6f34
 	NOTE: https://community.otrs.com/security-advisory-2019-04-security-update-for-otrs-framework/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b9b43ebab6b9782d73c4dc6e6b5b71cd5bb23ea...e4ca99286c49c0d2cd32fdf6479c2bc529015dff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b9b43ebab6b9782d73c4dc6e6b5b71cd5bb23ea...e4ca99286c49c0d2cd32fdf6479c2bc529015dff
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190505/26bd07cc/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list