[Git][security-tracker-team/security-tracker][master] Adding ruby-omniauth to the list of packages to fix for jessie.
Ola Lundqvist
opal at debian.org
Sun May 12 18:05:30 BST 2019
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
27463a2c by Ola Lundqvist at 2019-05-12T17:05:16Z
Adding ruby-omniauth to the list of packages to fix for jessie.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -102,6 +102,11 @@ qt4-x11 (Mike Gabriel)
NOTE: dla-1627 (Qt5) to apply to Qt4 as well
NOTE: CVE-2018-19872 id. while we're at it (minor)
--
+ruby-omniauth
+ NOTE: CVE-2015-9284: The vulnerability is rathar bad, especially in combination with other
+ NOTE: CVE-2015-9284: known vulnerabilities. However the issue is rather old and the impact
+ NOTE: CVE-2015-9284: may be rather large. When fixing this needs to be further investigated.
+--
sox (Emilio)
NOTE: 20190416: CVE-2019-835{4,5,6,7} no upstream patch yet, might take some time.
NOTE: Check again later. - hle
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/27463a2cbae7fd2c40000b8abe990bb1c3294c12
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/27463a2cbae7fd2c40000b8abe990bb1c3294c12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190512/0ea7bd3a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list