[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff
jmm at debian.org
Sun Dec 27 18:12:24 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8c6731fe by Moritz Muehlenhoff at 2020-12-27T19:12:02+01:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -108087,6 +108087,7 @@ CVE-2019-10736
RESERVED
CVE-2019-10735 (In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encry ...)
- claws-mail <unfixed> (low; bug #926705)
+ [bullseye] - claws-mail <no-dsa> (Minor issue)
[buster] - claws-mail <postponed> (Revisit when fixed upstream)
[stretch] - claws-mail <postponed> (Revisit when fixed upstream)
[jessie] - claws-mail <postponed> (Revisit when fixed upstream)
@@ -160156,6 +160157,7 @@ CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibl
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...)
- giflib <unfixed> (bug #904113)
+ [bullseye] - giflib <no-dsa> (Minor issue)
[buster] - giflib <no-dsa> (Minor issue)
[stretch] - giflib <no-dsa> (Minor issue)
[jessie] - giflib <no-dsa> (Minor issue)
@@ -222939,6 +222941,7 @@ CVE-2017-7476 (Gnulib before 2017-04-26 has a heap-based buffer overflow with th
NOTE: Introduced with 4bc76593 and 4e6e16b3f.
CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer dereference relat ...)
- cairo <unfixed> (low; bug #870264)
+ [bullseye] - cairo <ignored> (Minor issue)
[buster] - cairo <ignored> (Minor issue)
[stretch] - cairo <no-dsa> (Minor issue)
[jessie] - cairo <no-dsa> (Minor issue)
@@ -257244,10 +257247,12 @@ CVE-2016-5417 (Memory leak in the __res_vinit function in the IPv6 name server m
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19257
CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...)
- 389-ds-base <unfixed> (bug #834233)
- [buster] - 389-ds-base <no-dsa> (Minor issue)
+ [bullseye] - 389-ds-base <ignored> (Minor issue)
+ [buster] - 389-ds-base <ignored> (Minor issue)
[stretch] - 389-ds-base <no-dsa> (Minor issue)
[jessie] - 389-ds-base <no-dsa> (Minor issue)
NOTE: https://fedorahosted.org/389/ticket/48852
+ NOTE: https://github.com/389ds/389-ds-base/issues/1912
NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354
CVE-2016-5415
RESERVED
@@ -258103,6 +258108,7 @@ CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 all
NOTE: https://www.openwall.com/lists/oss-security/2016/06/07/2
CVE-2016-1000002 (gdm3 3.14.2 and possibly later has an information leak before screen l ...)
- gdm3 <unfixed> (low; bug #849432)
+ [bullseye] - gdm3 <ignored> (Minor issue)
[buster] - gdm3 <ignored> (Minor issue)
[stretch] - gdm3 <ignored> (Minor issue)
[jessie] - gdm3 <ignored> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c6731fe9e68ba3a11e6a1363a9d1c54c7c54895
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c6731fe9e68ba3a11e6a1363a9d1c54c7c54895
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201227/3dd35c1c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list