[Git][security-tracker-team/security-tracker][master] 2 commits: After investigating further, remove samba from dla-needed.txt; this is a minor...
Chris Lamb
lamby at debian.org
Thu Apr 30 13:03:23 BST 2020
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f2b97709 by Chris Lamb at 2020-04-30T13:03:13+01:00
After investigating further, remove samba from dla-needed.txt; this is a minor issue and the patch is very invasive (eg. http://paste.debian.net/plain/1143919 is big but not even complete)
- - - - -
fa74cfc2 by Chris Lamb at 2020-04-30T13:03:13+01:00
dla-needed.txt: Add drive-thru note for openldap.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5461,6 +5461,7 @@ CVE-2020-10704
- samba <unfixed>
[buster] - samba <postponed> (Can be fixed along in future DSA)
[stretch] - samba <postponed> (Can be fixed along in future DSA)
+ [jessie] - samba <postponed> (Minor issue and the patch is very invisible, eg. http://paste.debian.net/plain/1143919 is not even complete)
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334
NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html
CVE-2020-10703 [Potential denial of service via active pool without target path]
=====================================
data/dla-needed.txt
=====================================
@@ -65,6 +65,7 @@ opendmarc (Thorsten Alteholz)
NOTE: 20200420: still testing package, original patch does not seem to be enough, still ongoing
--
openldap (Roberto C. Sánchez)
+ NOTE: 20200430: Similar issue to samba's CVE-2020-10704. (lamby)
--
otrs2 (Abhijith PA)
NOTE: 20200412: Asked upstream for clarity in CVE-2020-1769 patch (abhijith)
@@ -78,8 +79,6 @@ php5 (Thorsten Alteholz)
--
qemu (Adrian Bunk)
--
-samba (Chris Lamb)
---
sqlite3 (Mike Gabriel)
--
squid3 (Markus Koschany)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/97c6ed9d85a5b635f1120ef618889cec0a6e3c22...fa74cfc2978eaef8a609668b5d3bea790b9e99dd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/97c6ed9d85a5b635f1120ef618889cec0a6e3c22...fa74cfc2978eaef8a609668b5d3bea790b9e99dd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200430/fffbb304/attachment.html>
More information about the debian-security-tracker-commits
mailing list