[Git][security-tracker-team/security-tracker][master] 2 commits: fix missing only for Jessie, so this will be done now ...

Thorsten Alteholz alteholz at debian.org
Sat Apr 25 22:11:05 BST 2020 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5862c3a2 by Thorsten Alteholz at 2020-04-25T23:10:20+02:00
fix missing only for Jessie, so this will be done now ...

- - - - -
821b4b3b by Thorsten Alteholz at 2020-04-25T23:10:54+02:00
Reserve DLA-2187-1 for radicale

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -168719,7 +168719,6 @@ CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3
 CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracl ...)
 	{DLA-934-1}
 	- radicale 1.1.1+20160115-4 (bug #861514)
-	[jessie] - radicale <no-dsa> (Minor issue)
 	NOTE: https://github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b (1.1.x)
 	NOTE: https://github.com/Kozea/Radicale/commit/059ba8dec1f22ccbeab837e288b3833a099cee2d (master)
 CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsene ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Apr 2020] DLA-2187-1 radicale - security update
+	{CVE-2017-8342}
+	[jessie] - radicale 0.9-1+deb8u2
 [25 Apr 2020] DLA-2186-1 ncmpc - security update
 	{CVE-2018-9240}
 	[jessie] - ncmpc 0.24-1+deb8u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0dcb414ddc57aaf95fedabc0349018a4bfe277b4...821b4b3b1483b1c9e25d0e8eba1a42f177313a3e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0dcb414ddc57aaf95fedabc0349018a4bfe277b4...821b4b3b1483b1c9e25d0e8eba1a42f177313a3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200425/87c29a00/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list