[Git][security-tracker-team/security-tracker][master] dla: update status

Sat Dec 12 12:28:43 GMT 2020


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
433dbd2e by Sylvain Beucler at 2020-12-12T13:27:44+01:00
dla: update status

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -29,6 +29,8 @@ ansible (Markus Koschany)
 --
 awstats (Sylvain Beucler)
   NOTE: 20201209: Reassigning to Sylvain on request. (lamby)
+  NOTE: 20201207: Requested CVE-2020-29600 for #891469 (incomplete fix for CVE-2017-1000501 in 7.7) (Beuc)
+  NOTE: 20201211: Requested CVE-2020-35176 (incomplete fix for the above in 7.8), waiting for upstream feedback (Beuc)
 --
 ceph
   NOTE: 20200707: Vulnerable to at least CVE-2018-14662. (lamby)
@@ -58,6 +60,8 @@ firmware-nonfree
 golang-websocket
 --
 imagemagick (Sylvain Beucler)
+  NOTE: 20201207: requested CVE-2020-29599 (Beuc)
+  NOTE: 20201212: batch of vulnerabilities triaged, the only important vulnerability is not reproducible, ongoing (Beuc)
 --
 influxdb
 --
@@ -171,6 +175,8 @@ spip (Abhijith PA)
   NOTE: Low priority for us. sec team did DSA-4798-1 (abhijith)
 --
 sympa (Sylvain Beucler)
+  NOTE: 20201009: Requested CVE-2020-29668, will fix in stretch (Beuc)
+  NOTE: 20201012: Prepared stable debdiff with maintainer to sync with LTS, sent to team at s.d.o (Beuc)
 --
 tomcat8 (Utkarsh)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/433dbd2e94ade054383900b1461fe7f2ef4a5c6b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/433dbd2e94ade054383900b1461fe7f2ef4a5c6b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201212/dd9894da/attachment-0001.html>
