[Git][security-tracker-team/security-tracker][master] qt, libarchive DSAs
Moritz Muehlenhoff
jmm at debian.org
Thu Oct 31 21:23:56 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d90fc92d by Moritz Muehlenhoff at 2019-10-31T21:23:30Z
qt, libarchive DSAs
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -34004,11 +34004,13 @@ CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab
CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onw ...)
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
+ [stretch] - libarchive 3.2.2-2+deb9u2
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onw ...)
{DLA-1668-1}
- libarchive 3.3.3-4 (low)
+ [stretch] - libarchive 3.2.2-2+deb9u2
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect A ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[31 Oct 2019] DSA-4557-1 libarchive - security update
+ {CVE-2019-18408}
+ [stretch] - libarchive 3.2.2-2+deb9u2
+ [buster] - libarchive 3.3.3-4+deb10u1
+[31 Oct 2019] DSA-4556-1 qtbase-opensource-src - security update
+ {CVE-2019-18281}
+ [buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u1
[29 Oct 2019] DSA-4555-1 pam-python - security update
{CVE-2019-16729}
[stretch] - pam-python 1.0.6-1.1+deb9u1
=====================================
data/dsa-needed.txt
=====================================
@@ -32,8 +32,6 @@ ibus
--
jruby/oldstable
--
-libarchive
---
libidn/oldstable
santiago proposed debdiffs for jessie and stretch
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d90fc92db23b1df0e28622b545006c85d1a41051
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d90fc92db23b1df0e28622b545006c85d1a41051
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191031/33bf6c51/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list