[Git][security-tracker-team/security-tracker][master] CVE-2020-13645/glib-networking to be fixed via ospu

Emilio Pozuelo Monfort pochu at debian.org
Mon Jul 13 09:06:03 BST 2020 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de8eb09e by Emilio Pozuelo Monfort at 2020-07-13T10:01:42+02:00
CVE-2020-13645/glib-networking to be fixed via ospu

- - - - -


3 changed files:

- data/CVE/list
- data/dla-needed.txt
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5041,6 +5041,7 @@ CVE-2020-13646 (In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows
 CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
 	- glib-networking 2.64.3-2 (bug #961756)
 	[buster] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
 	NOTE: Updating glib-networking to address CVE-2020-13645 will need a compatibility
 	NOTE: update as well for balsa (cf. https://bugs.debian.org/961792)


=====================================
data/dla-needed.txt
=====================================
@@ -61,8 +61,6 @@ freerdp
   NOTE: 20200510: Vulnerable to at least CVE-2020-11042. (lamby)
   NOTE: 20200531: Discussing if EOL'ing of freerdp (1.1) makes sense (sunweaver)
 --
-glib-networking (Emilio)
---
 golang-github-seccomp-libseccomp-golang (Adrian Bunk)
 --
 gupnp


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -203,3 +203,5 @@ CVE-2019-11459
 	[stretch] - atril 1.16.1-2+deb9u2
 CVE-2019-17566
 	[stretch] - batik 1.8-4+deb9u2
+CVE-2020-13645
+	[stretch] - glib-networking 2.50.0-1+deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de8eb09e17e15a50040773c23fadd830a7ab1238

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de8eb09e17e15a50040773c23fadd830a7ab1238
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200713/54cbc93f/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list