[Git][security-tracker-team/security-tracker][master] 2 commits: Claim libxmlrpc3-java in dla-needed.txt

Thu Jan 16 22:49:18 GMT 2020


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0670a2cb by Markus Koschany at 2020-01-16T23:49:08+01:00
Claim libxmlrpc3-java in dla-needed.txt

- - - - -
65401fd2 by Markus Koschany at 2020-01-16T23:49:09+01:00
CVE-2019-17570,libxmlrpc3-java: Link to Red Hat bug report and proposed patch

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -21452,6 +21452,7 @@ CVE-2019-17570 [untrusted deserialization]
 	RESERVED
 	- libxmlrpc3-java <unfixed> (bug #949089)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/01/16/1
+	NOTE: Proposed patch: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-17570
 CVE-2019-17569
 	RESERVED
 CVE-2019-17568


=====================================
data/dla-needed.txt
=====================================
@@ -61,6 +61,8 @@ libmatio (Adrian Bunk)
   NOTE: 20190428: older changes seem to also be required for them
   NOTE: 20200112: work is ongoing
 --
+libxmlrpc3-java (Markus Koschany)
+--
 linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/75c3a624d3167c590d2c9b50aa0ad2124b7623ab...65401fd28de38cfd893787709d60d2297d279446

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/75c3a624d3167c590d2c9b50aa0ad2124b7623ab...65401fd28de38cfd893787709d60d2297d279446
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200116/91dcc347/attachment.html>
