[Git][security-tracker-team/security-tracker][master] qt, libarchive DSAs

Thu Oct 31 21:23:56 GMT 2019


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d90fc92d by Moritz Muehlenhoff at 2019-10-31T21:23:30Z
qt, libarchive DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -34004,11 +34004,13 @@ CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab
 CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onw ...)
 	{DLA-1668-1}
 	- libarchive 3.3.3-4 (low)
+	[stretch] - libarchive 3.2.2-2+deb9u2
 	NOTE: https://github.com/libarchive/libarchive/pull/1120
 	NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
 CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onw ...)
 	{DLA-1668-1}
 	- libarchive 3.3.3-4 (low)
+	[stretch] - libarchive 3.2.2-2+deb9u2
 	NOTE: https://github.com/libarchive/libarchive/pull/1120
 	NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
 CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect A ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[31 Oct 2019] DSA-4557-1 libarchive - security update
+	{CVE-2019-18408}
+	[stretch] - libarchive 3.2.2-2+deb9u2
+	[buster] - libarchive 3.3.3-4+deb10u1
+[31 Oct 2019] DSA-4556-1 qtbase-opensource-src - security update
+	{CVE-2019-18281}
+	[buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u1
 [29 Oct 2019] DSA-4555-1 pam-python - security update
 	{CVE-2019-16729}
 	[stretch] - pam-python 1.0.6-1.1+deb9u1


=====================================
data/dsa-needed.txt
=====================================
@@ -32,8 +32,6 @@ ibus
 --
 jruby/oldstable
 --
-libarchive
---
 libidn/oldstable
   santiago proposed debdiffs for jessie and stretch
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d90fc92db23b1df0e28622b545006c85d1a41051

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d90fc92db23b1df0e28622b545006c85d1a41051
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191031/33bf6c51/attachment-0001.html>
