[Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2019-12384 as workaround

Sun Oct 6 20:58:02 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
89617998 by Salvatore Bonaccorso at 2019-10-06T19:57:37Z
Remove listing of CVE-2019-12384 as workaround

It was fixed already in 2.9.8-3 which was in buster. But it got included
in the stretch-security update. The DSA entry will cross reference for
both codename suites, but then mark 2.9.8-3+deb10u1 as the first version
in buster containing the fix. Thus remove the CVE from the list and keep
the explicit [stretch] tagged entry in data/CVE/list.

- - - - -


1 changed file:

- data/DSA/list


Changes:

=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [06 Oct 2019] DSA-4542-1 jackson-databind - security update
-	{CVE-2019-14379 CVE-2019-12384 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943}
+	{CVE-2019-14379 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943}
 	[stretch] - jackson-databind 2.8.6-1+deb9u6
 	[buster] - jackson-databind 2.9.8-3+deb10u1
 [04 Oct 2019] DSA-4541-1 libapreq2 - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89617998b415deb52ae03cd22aff0e63bdefd9d1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/89617998b415deb52ae03cd22aff0e63bdefd9d1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191006/3d4d39e6/attachment.html>
