[Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage mupdf for stretch LTS.

Chris Lamb lamby at debian.org
Wed Jul 8 15:59:35 BST 2020



Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a4fd2b92 by Chris Lamb at 2020-07-08T15:59:28+01:00
data/dla-needed.txt: Triage mupdf for stretch LTS.

- - - - -
9898c16f by Chris Lamb at 2020-07-08T15:59:28+01:00
data/dla-needed.txt: Add note regarding mupdf in stretch LTS.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -85,6 +85,9 @@ mumble
   NOTE: 20200420: Upstream patch is incomplete. Version in stretch is also vulnerable (abhijith)
   NOTE: 20200504: discussion going on with team at security.debian.org and mumble maintainer (abhijith)
 --
+mupdf
+  NOTE: 20200708: Vulnerable to at least CVE-2019-13290. (lamby)
+--
 nginx (Sylvain Beucler)
   NOTE: 20200505: Patch for CVE-2020-11724 appears to be fairly invasive and, alas, no tests. (lamby)
   NOTE: 20200708: #948650 is a stretch point release update for CVE-2019-20372 (bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4a4643c12c5f920afb54804d589ab96e247a2cfb...9898c16f9be35330c6752b422a08c6a18f1e912f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4a4643c12c5f920afb54804d589ab96e247a2cfb...9898c16f9be35330c6752b422a08c6a18f1e912f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/634a49bb/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list