[Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage mupdf for stretch LTS.
Chris Lamb
lamby at debian.org
Wed Jul 8 15:59:35 BST 2020
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a4fd2b92 by Chris Lamb at 2020-07-08T15:59:28+01:00
data/dla-needed.txt: Triage mupdf for stretch LTS.
- - - - -
9898c16f by Chris Lamb at 2020-07-08T15:59:28+01:00
data/dla-needed.txt: Add note regarding mupdf in stretch LTS.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -85,6 +85,9 @@ mumble
NOTE: 20200420: Upstream patch is incomplete. Version in stretch is also vulnerable (abhijith)
NOTE: 20200504: discussion going on with team at security.debian.org and mumble maintainer (abhijith)
--
+mupdf
+ NOTE: 20200708: Vulnerable to at least CVE-2019-13290. (lamby)
+--
nginx (Sylvain Beucler)
NOTE: 20200505: Patch for CVE-2020-11724 appears to be fairly invasive and, alas, no tests. (lamby)
NOTE: 20200708: #948650 is a stretch point release update for CVE-2019-20372 (bunk)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4a4643c12c5f920afb54804d589ab96e247a2cfb...9898c16f9be35330c6752b422a08c6a18f1e912f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4a4643c12c5f920afb54804d589ab96e247a2cfb...9898c16f9be35330c6752b422a08c6a18f1e912f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/634a49bb/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list