[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19648/yara as no-dsa on jessie

Emilio Pozuelo Monfort pochu at debian.org
Fri Feb 21 10:21:58 GMT 2020 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9b74ebbc by Emilio Pozuelo Monfort at 2020-02-21T11:21:30+01:00
Mark CVE-2019-19648/yara as no-dsa on jessie

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -16464,6 +16464,7 @@ CVE-2019-19648 (In the macho_parse_file functionality in macho/macho.c of YARA 3
 	- yara <unfixed>
 	[buster] - yara <no-dsa> (Minor issue)
 	[stretch] - yara <no-dsa> (Minor issue)
+	[jessie] - yara <no-dsa> (Minor issue)
 	NOTE: https://github.com/VirusTotal/yara/issues/1178
 CVE-2019-19647 (radare2 through 4.0.0 lacks validation of the content variable in the  ...)
 	- radare2 4.2.1+dfsg-1 (bug #947402)


=====================================
data/dla-needed.txt
=====================================
@@ -110,13 +110,6 @@ xerces-c (Hugo Lefeuvre)
   NOTE: 20200118: There is still no upstream patch. (lamby)
   NOTE: 20200210: working on a patch, see ML (hle)
 --
-yara
-  NOTE: 20191212: no upstream fix yet
-  NOTE: 20200119: still no upstream fix (daissi)
-  NOTE: 20200208: still no fix (lamby)
-  NOTE: 20200214: still no fix (lamby)
-  NOTE: 20200220: still no fix; pinged upstream (lamby)
---
 zsh (Roberto C. Sánchez)
   NOTE: 20200218: Package is ready for upload; sent request for additional testing to mailing list. (roberto)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b74ebbc2bfd46def03c495391307c0baa079b32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b74ebbc2bfd46def03c495391307c0baa079b32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200221/42bf528e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list