[Git][security-tracker-team/security-tracker][master] CVE-2020-13645/glib-networking to be fixed via ospu
Emilio Pozuelo Monfort
pochu at debian.org
Mon Jul 13 09:06:03 BST 2020
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de8eb09e by Emilio Pozuelo Monfort at 2020-07-13T10:01:42+02:00
CVE-2020-13645/glib-networking to be fixed via ospu
- - - - -
3 changed files:
- data/CVE/list
- data/dla-needed.txt
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5041,6 +5041,7 @@ CVE-2020-13646 (In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows
CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
- glib-networking 2.64.3-2 (bug #961756)
[buster] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
+ [stretch] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
NOTE: Updating glib-networking to address CVE-2020-13645 will need a compatibility
NOTE: update as well for balsa (cf. https://bugs.debian.org/961792)
=====================================
data/dla-needed.txt
=====================================
@@ -61,8 +61,6 @@ freerdp
NOTE: 20200510: Vulnerable to at least CVE-2020-11042. (lamby)
NOTE: 20200531: Discussing if EOL'ing of freerdp (1.1) makes sense (sunweaver)
--
-glib-networking (Emilio)
---
golang-github-seccomp-libseccomp-golang (Adrian Bunk)
--
gupnp
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -203,3 +203,5 @@ CVE-2019-11459
[stretch] - atril 1.16.1-2+deb9u2
CVE-2019-17566
[stretch] - batik 1.8-4+deb9u2
+CVE-2020-13645
+ [stretch] - glib-networking 2.50.0-1+deb9u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de8eb09e17e15a50040773c23fadd830a7ab1238
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de8eb09e17e15a50040773c23fadd830a7ab1238
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200713/54cbc93f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list