[Git][security-tracker-team/security-tracker][master] 2 commits: update notes

Thorsten Alteholz alteholz at debian.org
Sun Jul 19 10:25:46 BST 2020 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
137e7ac4 by Thorsten Alteholz at 2020-07-19T11:17:58+02:00
update notes

- - - - -
630d2740 by Thorsten Alteholz at 2020-07-19T11:25:34+02:00
claim salt

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -45,6 +45,7 @@ condor (Roberto C. Sánchez)
   NOTE: 20200712: Requested input on path forward from debian-lts at l.d.o (roberto)
 --
 curl (Thorsten Alteholz)
+  NOTE: 20200719: testing package (thorsten)
 --
 ffmpeg (Adrian Bunk)
   NOTE: 20200707: Vulnerable to at least CVE-2020-13904. (lamby)
@@ -107,6 +108,7 @@ mumble
 --
 mupdf (Thorsten Alteholz)
   NOTE: 20200708: Vulnerable to at least CVE-2019-13290. (lamby)
+  NOTE: 20200719: testing package (thorsten)
 --
 nginx (Sylvain Beucler)
   NOTE: 20200713: update is ready, will publish after point release (Beuc)
@@ -116,8 +118,8 @@ nginx (Sylvain Beucler)
 nss (Adrian Bunk)
   NOTE: 20200706: from dsa-needed.txt: Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508 (Beuc)
 --
-opendmarc (Thorsten Alteholz)
-  NOTE: 20200621: testing package (thorsten)
+opendmarc
+  NOTE: 20200719: no patches for remaining CVEs available, everything else is already done in Stretch (thorsten)
 --
 pillow
   NOTE: 20200711: Appears vulnerable to at least CVE-2020-10177, but not CVE-2020-10378. (lamby)
@@ -141,7 +143,7 @@ ruby-zip
   NOTE: 20200710: Vulnerable to at least CVE-2018-1000544. (lamby)
   NOTE: 20200710: Was fixed in jessie LTS via DLA-1467-1. (lamby)
 --
-salt
+salt (Thorsten Alteholz)
   NOTE: 20200710: Vulnerable to at least CVE-2018-15751, which was
   NOTE: 20200710: not an issue in jessie LTS. (lamby)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03e1e30094c0150c4309c4454dc376c51f94ef6c...630d2740e74515ed7dd3f2cdc7aaed75399a5049

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/03e1e30094c0150c4309c4454dc376c51f94ef6c...630d2740e74515ed7dd3f2cdc7aaed75399a5049
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200719/fdc10116/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list