[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-13428 in vlc for jessie LTS.

Chris Lamb lamby at debian.org
Wed Jun 10 11:53:04 BST 2020 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2e2cb5ae by Chris Lamb at 2020-06-10T11:52:06+01:00
Triage CVE-2020-13428 in vlc for jessie LTS.

- - - - -
11acf0ae by Chris Lamb at 2020-06-10T11:52:46+01:00
data/dla-needed.txt: Triage intel-microcode for jessie LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1318,6 +1318,7 @@ CVE-2020-13429 (legend.ts in the piechart-panel (aka Pie Chart Panel) plugin bef
 	NOT-FOR-US: piechart-panel plugin for Grafana
 CVE-2020-13428 (A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in mod ...)
 	- vlc <unfixed>
+	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
 	NOTE: https://github.com/videolan/vlc-3.0/releases/tag/3.0.11
 	NOTE: http://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=d5c43c21c747ff30ed19fcca745dea3481c733e0
 CVE-2020-13427


=====================================
data/dla-needed.txt
=====================================
@@ -47,6 +47,8 @@ glib-networking
 --
 imagemagick (Markus Koschany)
 --
+intel-microcode
+--
 jquery
   NOTE: 20200606: This was fixed upstream in a set of wider changes
   NOTE: 20200606: (a938d7b128) which cannot be applied. Even the specific part



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b024a6c2ad239da400c423bede69829ef7f86ec8...11acf0aeb05230bbb0d3d3f67f6b00a6a4547bfa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b024a6c2ad239da400c423bede69829ef7f86ec8...11acf0aeb05230bbb0d3d3f67f6b00a6a4547bfa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200610/e9d74d34/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list