[Git][security-tracker-team/security-tracker][master] node-fstream spu

Moritz Muehlenhoff jmm at debian.org
Sun Sep 1 22:32:43 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6666c45d by Moritz Muehlenhoff at 2019-09-01T21:32:21Z
node-fstream spu
rust crate triage

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -761,21 +761,26 @@ CVE-2018-20997 (An issue was discovered in the openssl crate before 0.10.9 for R
 	- rust-openssl <not-affected> (Only affected 0.10.8, which was never in the archive)
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0010.html
 CVE-2018-20996 (An issue was discovered in the crossbeam crate before 0.4.1 for Rust.  ...)
-	TODO: check
+	- rust-crossbeam-epoch <not-affected> (Fixed before initial upload to archive)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0009.html
 CVE-2018-20995 (An issue was discovered in the slice-deque crate before 0.1.16 for Rus ...)
-	TODO: check
+	NOT-FOR-US: Rust crate slice-deque
 CVE-2018-20994 (An issue was discovered in the trust-dns-proto crate before 0.5.0-alph ...)
-	TODO: check
+	NOT-FOR-US: Rust crate trust-dns-proto
 CVE-2018-20993 (An issue was discovered in the yaml-rust crate before 0.4.1 for Rust.  ...)
-	TODO: check
+	- rust-yaml-rust <not-affected> (Fixed before initial upload to archive)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0006.html
 CVE-2018-20992 (An issue was discovered in the claxon crate before 0.4.1 for Rust. Uni ...)
-	TODO: check
+	NOT-FOR-US: Rust crate claxon
 CVE-2018-20991 (An issue was discovered in the smallvec crate before 0.6.3 for Rust. T ...)
-	TODO: check
+	- rust-smallvec <not-affected> (Fixed before initial upload to archive)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0003.html
 CVE-2018-20990 (An issue was discovered in the tar crate before 0.4.16 for Rust. Arbit ...)
-	TODO: check
+	- rust-tar <not-affected> (Fixed with initial upload to archive)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0002.html
 CVE-2018-20989 (An issue was discovered in the untrusted crate before 0.6.2 for Rust.  ...)
-	TODO: check
+	- rust-untrusted <not-affected> (Fixed with initial upload to archive)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0001.html
 CVE-2017-18589 (An issue was discovered in the cookie crate before 0.7.6 for Rust. Lar ...)
 	TODO: check
 CVE-2017-18588 (An issue was discovered in the security-framework crate before 0.1.12  ...)


=====================================
data/next-point-update.txt
=====================================
@@ -149,3 +149,5 @@ CVE-2019-11727
 	[buster] - nss 2:3.42.1-1+deb10u1
 CVE-2019-11729
 	[buster] - nss 2:3.42.1-1+deb10u1
+CVE-2019-13173
+	[buster] - node-fstream 1.0.10-1+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6666c45d90daa5b1423288b40ede4eae27fec476

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6666c45d90daa5b1423288b40ede4eae27fec476
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190901/cc490310/attachment.html>

More information about the debian-security-tracker-commits mailing list