[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-1000494 fixed in recent upload
Thorsten Alteholz
alteholz at debian.org
Thu May 30 18:05:22 BST 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef481864 by Thorsten Alteholz at 2019-05-30T16:59:37Z
CVE-2017-1000494 fixed in recent upload
- - - - -
0ff73890 by Thorsten Alteholz at 2019-05-30T16:59:52Z
Reserve DLA-1811-1 for miniupnpd
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -73218,7 +73218,6 @@ CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site
CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt (u ...)
- miniupnpd 2.0.20171212-1 (bug #887129)
[stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
- [jessie] - miniupnpd <no-dsa> (Minor issue)
- miniupnpc 2.0.20171212-3 (unimportant)
NOTE: https://github.com/miniupnp/miniupnp/issues/268
NOTE: https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2019] DLA-1811-1 miniupnpd - security update
+ {CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111}
+ [jessie] - miniupnpd 1.8.20140523-4+deb8u1
[30 May 2019] DLA-1810-1 tomcat7 - security update
{CVE-2019-0221}
[jessie] - tomcat7 7.0.56-3+really7.0.94-1
=====================================
data/dla-needed.txt
=====================================
@@ -75,8 +75,6 @@ linux (Ben Hutchings)
--
linux-4.9 (Ben Hutchings)
--
-miniupnpd (Thorsten Alteholz)
---
mupdf (Mike Gabriel)
NOTE: 20190529: Upload candidate: http://packages.sunweavers.net/debian/pool/main/m/mupdf/mupdf_1.5-1+deb8u5.dsc
NOTE: 20190529: Not yet fully tested.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/901466d1e28b71ca98e8684616f7da53688a6d58...0ff7389037099916ae79f7cd94728440c3136f07
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/901466d1e28b71ca98e8684616f7da53688a6d58...0ff7389037099916ae79f7cd94728440c3136f07
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190530/22463f9b/attachment.html>
More information about the debian-security-tracker-commits
mailing list