[Git][security-tracker-team/security-tracker][master] 3 commits: update note
Thorsten Alteholz
alteholz at debian.org
Sun Jan 26 21:35:54 GMT 2020
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2e07338e by Thorsten Alteholz at 2020-01-26T22:34:50+01:00
update note
- - - - -
c35565ac by Thorsten Alteholz at 2020-01-26T22:34:51+01:00
CVE-2015-6748 will be fixed
- - - - -
acb9120d by Thorsten Alteholz at 2020-01-26T22:35:39+01:00
Reserve DLA-2075-1 for jsoup
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -216745,7 +216745,6 @@ CVE-2015-6738
RESERVED
CVE-2015-6748 (Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. ...)
- jsoup 1.8.3-1 (bug #797275)
- [jessie] - jsoup <no-dsa> (Minor issue)
[wheezy] - jsoup <no-dsa> (Minor issue)
NOTE: https://github.com/jhy/jsoup/pull/582
NOTE: https://hibernate.atlassian.net/browse/HV-1012
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Jan 2020] DLA-2075-1 jsoup - security update
+ {CVE-2015-6748}
+ [jessie] - jsoup 1.8.1-1+deb8u1
[23 Jan 2020] DLA-2074-1 python-apt - security update
{CVE-2019-15795 CVE-2019-15796}
[jessie] - python-apt 0.9.3.13
=====================================
data/dla-needed.txt
=====================================
@@ -119,7 +119,7 @@ slurm-llnl
--
sqlite3 (Thorsten Alteholz)
NOTE: 20191212: look at no-dsa as well
- NOTE: 20200112: WIP
+ NOTE: 20200126: WIP
--
squid3
NOTE: 20191210: CVE-2019-12523 and CVE-2019-18676 Requires new API SBuf.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/70e452937683a6bcd4e98d4d9e6fbfb08c35ea02...acb9120d35c27d0f919ddbd55600f08036f95254
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/70e452937683a6bcd4e98d4d9e6fbfb08c35ea02...acb9120d35c27d0f919ddbd55600f08036f95254
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200126/bdcba9db/attachment.html>
More information about the debian-security-tracker-commits
mailing list