[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-17400 as no-dsa for Jessie

Thorsten Alteholz alteholz at debian.org
Tue Oct 22 14:41:14 BST 2019 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3fcee20 by Thorsten Alteholz at 2019-10-22T13:38:48Z
mark CVE-2019-17400 as no-dsa for Jessie

- - - - -
dba62c00 by Thorsten Alteholz at 2019-10-22T13:39:11Z
claim file

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2973,6 +2973,7 @@ CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer ov
 	NOTE: https://github.com/libyal/liblnk/issues/40
 CVE-2019-17400 (The unoconv package before 0.9 mishandles untrusted pathnames, leading ...)
 	- unoconv <unfixed>
+	[jessie] - unoconv <no-dsa> (Minor issue)
 CVE-2019-17399 (The Shack Forms Pro extension before 4.0.32 for Joomla! allows path tr ...)
 	NOT-FOR-US: Shack Forms Pro extension for Joomla!
 CVE-2019-17398 (In the Dark Horse Comics application 1.3.21 for Android, token informa ...)


=====================================
data/dla-needed.txt
=====================================
@@ -17,6 +17,8 @@ ampache (Roberto C. Sánchez)
 ansible (Utkarsh Gupta)
   NOTE: 20191011: Code appears to be in lib/ansible/callbacks.py in jessie's version. (lamby)
 --
+file (Thorsten Alteholz)
+--
 freeimage (Hugo Lefeuvre)
   NOTE: Maintainer will take care of the update.
   NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f86d799461520e567bfa4a25229701d828e3b674...dba62c0083c46d294e487c002c37e004b785895a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/f86d799461520e567bfa4a25229701d828e3b674...dba62c0083c46d294e487c002c37e004b785895a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191022/8908c4e5/attachment.html>

More information about the debian-security-tracker-commits mailing list