[Git][security-tracker-team/security-tracker][master] 2 commits: Jessie only CVEs have been fixed

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3de323d5 by Thorsten Alteholz at 2020-01-29T22:49:20+01:00
Jessie only CVEs have been fixed

- - - - -
886c3bf6 by Thorsten Alteholz at 2020-01-29T22:49:59+01:00
Reserve DLA-2085-1 for zlib

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -174101,7 +174101,6 @@ CVE-2016-9845 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulat
 CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow context-de ...)
 	{DLA-1725-1}
 	- zlib 1:1.2.8.dfsg-3 (bug #847275)
-	[jessie] - zlib <no-dsa> (Minor issue)
 	[wheezy] - zlib <no-dsa> (Minor issue)
 	- rsync 3.1.3-6 (bug #924509)
 	[stretch] - rsync 3.1.2-1+deb9u2
@@ -174110,7 +174109,6 @@ CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow conte
 CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow contex ...)
 	{DLA-1725-1}
 	- zlib 1:1.2.8.dfsg-3 (bug #847274)
-	[jessie] - zlib <no-dsa> (Minor issue)
 	[wheezy] - zlib <no-dsa> (Minor issue)
 	- rsync 3.1.3-6 (bug #924509)
 	[stretch] - rsync 3.1.2-1+deb9u2
@@ -174119,7 +174117,6 @@ CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow c
 CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers to hav ...)
 	{DLA-1725-1}
 	- zlib 1:1.2.8.dfsg-4 (bug #847270)
-	[jessie] - zlib <no-dsa> (Minor issue)
 	[wheezy] - zlib <no-dsa> (Minor issue)
 	- rsync 3.1.3-6 (bug #924509)
 	[stretch] - rsync 3.1.2-1+deb9u2
@@ -174128,7 +174125,6 @@ CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers t
 CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers to ha ...)
 	{DLA-1725-1}
 	- zlib 1:1.2.8.dfsg-3 (bug #847270)
-	[jessie] - zlib <no-dsa> (Minor issue)
 	[wheezy] - zlib <no-dsa> (Minor issue)
 	- rsync 3.1.3-6 (bug #924509)
 	[stretch] - rsync 3.1.2-1+deb9u2


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Jan 2020] DLA-2085-1 zlib - security update
+	{CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843}
+	[jessie] - zlib 1:1.2.8.dfsg-2+deb8u1
 [29 Jan 2020] DLA-2084-1 graphicsmagick - security update
 	{CVE-2019-19950 CVE-2019-19951 CVE-2019-19953}
 	[jessie] - graphicsmagick 1.3.20-3+deb8u8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/98c74b90a87b1115305cb8b48ae2b99ca5c79c10...886c3bf6921a8dc68557782f5494c85f46cf6a81

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/98c74b90a87b1115305cb8b48ae2b99ca5c79c10...886c3bf6921a8dc68557782f5494c85f46cf6a81
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200129/b41fc085/attachment-0001.html>