[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-19221 as no-dsa for jessie

Thorsten Alteholz alteholz at debian.org
Sat Nov 23 18:28:22 GMT 2019 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
261b6b29 by Thorsten Alteholz at 2019-11-23T18:25:37Z
mark CVE-2019-19221 as no-dsa for jessie

- - - - -
9608d609 by Thorsten Alteholz at 2019-11-23T18:26:08Z
add xcftools

- - - - -
b6b032cc by Thorsten Alteholz at 2019-11-23T18:27:47Z
add clamav

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,6 +39,7 @@ CVE-2019-19222
 	RESERVED
 CVE-2019-19221 (In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string ...)
 	- libarchive <unfixed> (bug #945287)
+	[jessie] - libarchive <no-dsa> (Minor issue)
 	NOTE: https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41
 	NOTE: https://github.com/libarchive/libarchive/issues/1276
 CVE-2019-19220


=====================================
data/dla-needed.txt
=====================================
@@ -23,6 +23,8 @@ ansible
 bind9 (Thorsten Alteholz)
   NOTE: no point release in Jessie, so fix it here
 --
+clamav
+--
 freeimage (hle)
   NOTE: 20191028: submitted a patch for CVE-2019-12211, see Debian bug report
   NOTE: 20191123: upstream appears to have merged a modified version of my patch
@@ -133,6 +135,8 @@ vino (Mike Gabriel)
 wordpress
   NOTE: 20191106: no upstream fix found for CVE-2019-17672 and CVE-2019-17674. Rest uploaded. (abhijith)
 --
+xcftools
+--
 xen
 --
 yard



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b84b4f9f1a073f5b3292977c4384fad0bea973e6...b6b032cc3a6f74297a303d042d4dbc94d8fa6a6b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b84b4f9f1a073f5b3292977c4384fad0bea973e6...b6b032cc3a6f74297a303d042d4dbc94d8fa6a6b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191123/6df14836/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list