[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-8798 will be fixed with upload to Jessie

Thorsten Alteholz alteholz at debian.org
Thu Apr 30 16:28:05 BST 2020 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8284fa2 by Thorsten Alteholz at 2020-04-30T17:27:29+02:00
CVE-2017-8798 will be fixed with upload to Jessie

- - - - -
74dfc3aa by Thorsten Alteholz at 2020-04-30T17:27:55+02:00
Reserve DLA-2197-1 for miniupnpc

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -168275,7 +168275,6 @@ CVE-2017-8799 (Untrusted input execution via igetwild in all iRODS versions befo
 CVE-2017-8798 (Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v ...)
 	{DLA-949-1}
 	- miniupnpc 1.9.20140610-3 (bug #862273)
-	[jessie] - miniupnpc <no-dsa> (Minor issue)
 	NOTE: https://github.com/tintinweb/pub/blob/master/pocs/cve-2017-8798/Readme.md
 	NOTE: Fixed by: https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
 CVE-2017-8797 (The NFSv4 server in the Linux kernel before 4.11.3 does not properly v ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Apr 2020] DLA-2197-1 miniupnpc - security update
+	{CVE-2017-8798}
+	[jessie] - miniupnpc 1.9.20140610-2+deb8u2
 [30 Apr 2020] DLA-2196-1 pound - security update
 	{CVE-2016-10711}
 	[jessie] - pound 2.6-6+deb8u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9df18cccb1247ad1f01e8f8fdd7794a936c399d4...74dfc3aacd17c3984b1668e6b8d891119f8986e5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9df18cccb1247ad1f01e8f8fdd7794a936c399d4...74dfc3aacd17c3984b1668e6b8d891119f8986e5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200430/0659a1a5/attachment.html>

More information about the debian-security-tracker-commits mailing list