[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-17371 as no-dsa for Jessie

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4df2db6f by Thorsten Alteholz at 2019-10-18T10:19:15Z
mark CVE-2019-17371 as no-dsa for Jessie

- - - - -
df884cd4 by Thorsten Alteholz at 2019-10-18T10:19:55Z
no upload needed for libpng

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2939,6 +2939,7 @@ CVE-2019-17371 (libpng 1.6.37 has memory leaks in png_malloc_warn and png_create
 	[buster] - libpng1.6 <no-dsa> (Minor issue)
 	[stretch] - libpng1.6 <no-dsa> (Minor issue)
 	- libpng <removed>
+	[jessie] - libpng <no-dsa> (Minor issue)
 	NOTE: https://github.com/glennrp/libpng/issues/307
 CVE-2019-17370 (OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheck ...)
 	NOT-FOR-US: OTCMS


=====================================
data/dla-needed.txt
=====================================
@@ -82,8 +82,6 @@ libmatio (Adrian Bunk)
 --
 libpcap (Abhijith PA)
 --
-libpng (Thorsten Alteholz)
---
 libqb
   NOTE: 20190616: Upstream patch does not apply at all, but it appears that
   NOTE: 20190616: package is still vulnerable in ipc_posix_mq.c etc. or



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/735bc21c9f3dc17c3a5bc40f1a4358cfe1c85c42...df884cd412157eb474bc2552d0c65436cbc0ea50

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/735bc21c9f3dc17c3a5bc40f1a4358cfe1c85c42...df884cd412157eb474bc2552d0c65436cbc0ea50
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191018/d790ee7a/attachment.html>