[Git][security-tracker-team/security-tracker][master] Reserve DLA-2000-1 for pam-python

Hugo Lefeuvre hle at debian.org
Sat Nov 23 08:44:16 GMT 2019 


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f7d26d3 by Hugo Lefeuvre at 2019-11-23T08:43:54Z
Reserve DLA-2000-1 for pam-python

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[23 Nov 2019] DLA-2000-1 pam-python - security update
+	{CVE-2019-16729}
+	[jessie] - pam-python 1.0.4-1.1+deb8u1
 [18 Nov 2019] DLA-1999-1 symfony - security update
 	{CVE-2019-18886 CVE-2019-18887 CVE-2019-18888}
 	[jessie] - symfony 2.3.21+dfsg-4+deb8u6


=====================================
data/dla-needed.txt
=====================================
@@ -94,21 +94,13 @@ openjdk-7 (Markus Koschany)
 otrs2 (Abhijith PA)
   NOTE: otrs2 is in jessie/main so it should be taken care off
 --
-pam-python (hle)
-  NOTE: 20190927: Upstream appear to not have a distinct revision for this fix,
-  NOTE: using a single commit for the entire release which changes many things. (lamby)
-  NOTE: 20191017: opened bug report and asked Russell (both Debian maintainer & upstream)
-  NOTE: for more information.
-  NOTE: 20191028: ongoing, maintainer will probably handle part or all of the update
-  NOTE: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942514
---
 php-horde (Roberto C. Sánchez)
 --
 php-horde-trean
   NOTE: 20191118: Upstream closed the ticket related to CVE-2019-12095, indicating that it is low priority for them. (roberto)
 --
 python-reportlab (Hugo Lefeuvre)
-  NOTE: 20191104: still no upstream fix
+  NOTE: 20191123: still no upstream fix
 --
 radare2
   NOTE: 20190816: Affected by CVE-2019-14745. Vulnerable code is in



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4f7d26d308dae643972e568afaea4090e0f301d4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4f7d26d308dae643972e568afaea4090e0f301d4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191123/a5b62636/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list