[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for ansible which got an update in DLA-1923-1
Salvatore Bonaccorso
carnil at debian.org
Mon Sep 16 13:50:55 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21e25131 by Salvatore Bonaccorso at 2019-09-16T12:50:20Z
Remove no-dsa tagged entries for ansible which got an update in DLA-1923-1
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18269,7 +18269,6 @@ CVE-2019-10156 (A flaw was discovered in the way Ansible templating was implemen
- ansible 2.8.3+dfsg-1 (low; bug #930065)
[buster] - ansible <no-dsa> (Minor issue)
[stretch] - ansible <no-dsa> (Minor issue)
- [jessie] - ansible <no-dsa> (Minor issue, most likely not affected)
NOTE: https://github.com/ansible/ansible/pull/57188
CVE-2019-10155 (The Libreswan Project has found a vulnerability in the processing of I ...)
- libreswan 3.27-6 (bug #930338)
@@ -69626,7 +69625,6 @@ CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A
CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the current work ...)
{DSA-4396-1}
- ansible 2.6.1+dfsg-1
- [jessie] - ansible <no-dsa> (Too intrusive to backport)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596533
NOTE: https://github.com/ansible/ansible/pull/42070
NOTE: https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981
@@ -191442,7 +191440,6 @@ CVE-2015-5516 (Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM,
NOT-FOR-US: F5 BIG-IP
CVE-2015-6240 (The chroot, jail, and zone connection plugins in ansible before 1.9.2 ...)
- ansible 1.9.2+dfsg-1 (low)
- [jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/3
CVE-2015-5515 (The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before 7.x- ...)
NOT-FOR-US: Drupal addon not packaged in Debian
@@ -196109,7 +196106,6 @@ CVE-2015-3909
RESERVED
CVE-2015-3908 (Ansible before 1.9.2 does not verify that the server hostname matches ...)
- ansible 1.9.2+dfsg-1 (low)
- [jessie] - ansible <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/4
NOTE: Fixed in commit https://github.com/ansible/ansible/commit/be7c59c7bbe2c7cfaad0151c42693ebd0ea4243f
CVE-2015-3907 (CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21e251316f792d3da6ed4edd7dbb196cb1508a83
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21e251316f792d3da6ed4edd7dbb196cb1508a83
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/8c5044f0/attachment.html>
More information about the debian-security-tracker-commits
mailing list