[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for ansible which got an update in DLA-1923-1

Salvatore Bonaccorso carnil at debian.org
Mon Sep 16 13:50:55 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
21e25131 by Salvatore Bonaccorso at 2019-09-16T12:50:20Z
Remove no-dsa tagged entries for ansible which got an update in DLA-1923-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18269,7 +18269,6 @@ CVE-2019-10156 (A flaw was discovered in the way Ansible templating was implemen
 	- ansible 2.8.3+dfsg-1 (low; bug #930065)
 	[buster] - ansible <no-dsa> (Minor issue)
 	[stretch] - ansible <no-dsa> (Minor issue)
-	[jessie] - ansible <no-dsa> (Minor issue, most likely not affected)
 	NOTE: https://github.com/ansible/ansible/pull/57188
 CVE-2019-10155 (The Libreswan Project has found a vulnerability in the processing of I ...)
 	- libreswan 3.27-6 (bug #930338)
@@ -69626,7 +69625,6 @@ CVE-2018-10876 (A flaw was found in Linux kernel in the ext4 filesystem code. A
 CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the current work ...)
 	{DSA-4396-1}
 	- ansible 2.6.1+dfsg-1
-	[jessie] - ansible <no-dsa> (Too intrusive to backport)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596533
 	NOTE: https://github.com/ansible/ansible/pull/42070
 	NOTE: https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981
@@ -191442,7 +191440,6 @@ CVE-2015-5516 (Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM,
 	NOT-FOR-US: F5 BIG-IP
 CVE-2015-6240 (The chroot, jail, and zone connection plugins in ansible before 1.9.2  ...)
 	- ansible 1.9.2+dfsg-1 (low)
-	[jessie] - ansible <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/3
 CVE-2015-5515 (The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before 7.x- ...)
 	NOT-FOR-US: Drupal addon not packaged in Debian
@@ -196109,7 +196106,6 @@ CVE-2015-3909
 	RESERVED
 CVE-2015-3908 (Ansible before 1.9.2 does not verify that the server hostname matches  ...)
 	- ansible 1.9.2+dfsg-1 (low)
-	[jessie] - ansible <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/07/14/4
 	NOTE: Fixed in commit https://github.com/ansible/ansible/commit/be7c59c7bbe2c7cfaad0151c42693ebd0ea4243f
 CVE-2015-3907 (CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21e251316f792d3da6ed4edd7dbb196cb1508a83

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/21e251316f792d3da6ed4edd7dbb196cb1508a83
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/8c5044f0/attachment.html>


More information about the debian-security-tracker-commits mailing list