[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14347 has been fixed in latest upload to stretch-security

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1cf90b5c by Thorsten Alteholz at 2020-08-30T23:32:22+02:00
CVE-2020-14347 has been fixed in latest upload to stretch-security

- - - - -
56aa2eda by Thorsten Alteholz at 2020-08-30T23:34:40+02:00
Reserve DLA-2358-1 for xorg-server

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -22560,7 +22560,6 @@ CVE-2020-14348
 	NOT-FOR-US: AMQ Online
 CVE-2020-14347 (A flaw was found in the way xserver memory was not properly initialize ...)
 	- xorg-server <unfixed> (bug #968986)
-	[stretch] - xorg-server <postponed> (Minor issue, can be fixed along in next release)
 	NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816
 CVE-2020-14346


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Aug 2020] DLA-2359-1 xorg-server - security update
+	{CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14361 CVE-2020-14362}
+	[stretch] - xorg-server 2:1.19.2-1+deb9u6
 [30 Aug 2020] DLA-2358-1 openexr - security update
 	{CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 CVE-2020-15305 CVE-2020-15306}
 	[stretch] - openexr 2.2.0-11+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -206,5 +206,3 @@ xcftools
   NOTE: 20200523: Proposed fix https://github.com/j-jorge/xcftools/pull/15 (gladk)
   NOTE: 20200605: Patch https://salsa.debian.org/lts-team/packages/xcftools/-/blob/fix/test-CVE-2019-5087/debian/patches/CVE-2019-5087.patch (gladk)
 --
-xorg-server (Thorsten Alteholz)
---



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd45a565f46d7ea2a799f2c293c9450ef100dd29...56aa2edae10bcfb271dccf9d12c57633201157c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd45a565f46d7ea2a799f2c293c9450ef100dd29...56aa2edae10bcfb271dccf9d12c57633201157c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200830/39b59c87/attachment-0001.html>