[Git][security-tracker-team/security-tracker][master] 3 commits: add thunderbird
Thorsten Alteholz
alteholz at debian.org
Wed Dec 2 21:19:15 GMT 2020
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2e2da3f3 by Thorsten Alteholz at 2020-12-02T22:15:46+01:00
add thunderbird
- - - - -
02cf139f by Thorsten Alteholz at 2020-12-02T22:16:30+01:00
mark CVE-2020-28916 as postponed for Stretch
- - - - -
e42d36b1 by Thorsten Alteholz at 2020-12-02T22:18:33+01:00
mark CVE-2020-25665 as ignored for Stretch
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1245,6 +1245,7 @@ CVE-2020-28916 [e1000e: infinite loop scenario in case of null packet descriptor
RESERVED
- qemu <unfixed>
[buster] - qemu <postponed> (Fix along in future DSA)
+ [stretch] - qemu <postponed> (Fix along in future DLA)
NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html
CVE-2020-28915 (A buffer over-read (at the framebuffer layer) in the fbcon code in the ...)
@@ -11874,6 +11875,7 @@ CVE-2020-25665
RESERVED
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <ignored> (Minor issue)
+ [stretch] - imagemagick <ignored> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1714
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/cfd829bd3581b092e0a267b3deba46fa90b9bc88
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ca80e93cc887fb8971ceba2eead2c74e2b927df4
=====================================
data/dla-needed.txt
=====================================
@@ -161,6 +161,8 @@ spice-vdagent (Abhijith PA)
spip
NOTE: Low priority for us. sec team did DSA-4798-1 (abhijith)
--
+thunderbird
+--
webcit (Markus Koschany)
NOTE: 20201130: Requested more information from upstream. Currently patches
NOTE: or workarounds are not available.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9ea502232b2e4fb12e1936c262739e1bb50406c8...e42d36b179794bf5c01cd12c60d592ea618951f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9ea502232b2e4fb12e1936c262739e1bb50406c8...e42d36b179794bf5c01cd12c60d592ea618951f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201202/f7bd0ac6/attachment.html>
More information about the debian-security-tracker-commits
mailing list