[Git][security-tracker-team/security-tracker][master] 2 commits: Expand note on ibus fix uncovering glib2.0 issue

Salvatore Bonaccorso carnil at debian.org
Tue Nov 5 07:43:03 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6973e892 by Salvatore Bonaccorso at 2019-11-05T07:41:27Z
Expand note on ibus fix uncovering glib2.0 issue

There will at current stage no need of further changes in src:ibus
itself and the glib2.0 issue will be fixed via point releases.

- - - - -
cb1a16c5 by Salvatore Bonaccorso at 2019-11-05T07:42:37Z
Remove ibus from dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -11470,7 +11470,9 @@ CVE-2019-14822 [missing authorization flaw]
 	- ibus 1.5.21-1 (bug #940267)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/09/13/1
 	NOTE: Fixed by: https://github.com/ibus/ibus/commit/3d442dbf936d197aa11ca0a71663c2bc61696151
-	NOTE: The original fix introduces regression with Qt applications:
+	NOTE: The original fix introduces regression with Qt applications (the fix uncovered an
+	NOTE: interoperability bug between GLib's implementation of D-Bus and the reference implementation
+	NOTE: libdbus):
 	NOTE: https://bugs.debian.org/941018
 	NOTE: https://launchpad.net/bugs/1844853
 	NOTE: https://github.com/ibus/ibus/issues/2137


=====================================
data/dsa-needed.txt
=====================================
@@ -29,9 +29,6 @@ glusterfs/oldstable
 --
 graphicsmagick/oldstable
 --
-ibus
-  Regression: #941018
---
 jruby/oldstable
 --
 libidn/oldstable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c2b58ca1154996a6bc287200f2009b156f78273c...cb1a16c58f7e93ee384fee5369a07118b705d968

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c2b58ca1154996a6bc287200f2009b156f78273c...cb1a16c58f7e93ee384fee5369a07118b705d968
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191105/df9aacb6/attachment.html>

More information about the debian-security-tracker-commits mailing list