[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2019-16760 in cargo for jessie LTS.

Chris Lamb lamby at debian.org
Wed Oct 9 17:02:13 BST 2019 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b8442586 by Chris Lamb at 2019-10-09T16:00:44Z
Triage CVE-2019-16760 in cargo for jessie LTS.

- - - - -
cbc66db1 by Chris Lamb at 2019-10-09T16:01:59Z
Triage CVE-2019-16375 in otrs2 for jessie LTS

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1404,6 +1404,7 @@ CVE-2019-16761
 CVE-2019-16760 (Cargo prior to Rust 1.26.0 may download the wrong dependency if your p ...)
 	- cargo 0.27.0-1
 	[stretch] - cargo <postponed> (Upcoming upgrade of Cargo for ESR68 will fix this)
+	[jessie] - cargo <postponed> (Upcoming upgrade of Cargo for ESR68 will fix this)
 	NOTE: https://rustsec.org/advisories/CVE-2019-16760.html
 CVE-2019-16759 (vBulletin 5.x through 5.5.4 allows remote command execution via the wi ...)
 	NOT-FOR-US: vBulletin
@@ -2356,6 +2357,7 @@ CVE-2019-16375
 	- otrs2 6.0.23-1
 	[buster] - otrs2 <no-dsa> (Non-free not supported)
 	[stretch] - otrs2 <no-dsa> (Non-free not supported)
+	[jessie] - otrs2 <no-dsa> (Non-free not supported)
 	NOTE: https://community.otrs.com/security-advisory-2019-13-security-update-for-otrs-framework/
 	NOTE: https://github.com/OTRS/otrs/commit/aeb33d800716e2a6653597aa86314c4cbdadb678 (6.x)
 	NOTE: https://github.com/OTRS/otrs/commit/03ca8f396b1aa9933c212a63f52a9ea26c06e7da (5.x)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e2ffc726a333af7694096bd77d21c1f2833fa016...cbc66db1b20e1a951c2040ec2f5f000909f594b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e2ffc726a333af7694096bd77d21c1f2833fa016...cbc66db1b20e1a951c2040ec2f5f000909f594b5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191009/7c038719/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list