[Git][security-tracker-team/security-tracker][master] 2 commits: the time for an upload has come
Thorsten Alteholz
alteholz at debian.org
Tue Nov 26 21:31:11 GMT 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac46afd9 by Thorsten Alteholz at 2019-11-26T21:30:26Z
the time for an upload has come
- - - - -
953083da by Thorsten Alteholz at 2019-11-26T21:30:52Z
Reserve DLA-2011-1 for xmlrpc-epi
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -173818,7 +173818,6 @@ CVE-2016-6296 (Integer signedness error in the simplestring_addn function in sim
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
- xmlrpc-epi 0.54.2-1.2 (bug #832959)
- [jessie] - xmlrpc-epi <no-dsa> (Can be fixed via point release, nothing depending on it in stable)
NOTE: In stretch/sid php7.0 is using the system library not the embedded one.
CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x bef ...)
{DSA-3631-1 DLA-628-1}
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Nov 2019] DLA-2011-1 xmlrpc-epi - security update
+ {CVE-2016-6296}
+ [jessie] - xmlrpc-epi 0.54.2-1.1+deb8u1
[26 Nov 2019] DLA-2010-1 bsdiff - security update
{CVE-2014-9862}
[jessie] - bsdiff 4.3-15+deb8u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0f8eb03ce4bfdc25a88e452a0c16c4490c745da...953083dabea317f5a6249e8b832100a239a39df6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0f8eb03ce4bfdc25a88e452a0c16c4490c745da...953083dabea317f5a6249e8b832100a239a39df6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191126/3437e6f9/attachment.html>
More information about the debian-security-tracker-commits
mailing list