[Git][security-tracker-team/security-tracker][master] Reserve DLA-2107-1 for spamassassin

[Emilio Pozuelo Monfort]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
edd64c11 by Emilio Pozuelo Monfort at 2020-02-18T13:44:08+01:00
Reserve DLA-2107-1 for spamassassin

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Feb 2020] DLA-2107-1 spamassassin - security update
+	{CVE-2020-1930 CVE-2020-1931}
+	[jessie] - spamassassin 3.4.2-0+deb8u3
 [17 Feb 2020] DLA-2106-1 libgd2 - security update
 	{CVE-2018-14553}
 	[jessie] - libgd2 2.1.0-5+deb8u14


=====================================
data/dla-needed.txt
=====================================
@@ -93,10 +93,6 @@ slurm-llnl
   NOTE: 20191125: up for testing https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc
   NOTE: Regression found. (abhijith)
 --
-spamassassin (Emilio)
-  NOTE: 20200131: Code not checked whether it is actually vulnerable since it likely is. (ola)
-  NOTE: 20200131: Contacted SA maintainer: https://lists.debian.org/debian-lts/2020/01/msg00076.html (sunweaver)
---
 squid3 (Markus Koschany)
   NOTE: 20191210: CVE-2019-12523 and CVE-2019-18676 Requires new API SBuf.
   NOTE: 20200116: Researched other distros to see if any had backported the fixes.  No luck.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/edd64c11fbb739e379c4ab87eacc5566a9aefceb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/edd64c11fbb739e379c4ab87eacc5566a9aefceb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200218/ec6a7d16/attachment.html>