[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-10753 as no-dsa for Jessie

Sun Jun 28 13:15:47 BST 2020


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f73d7d10 by Thorsten Alteholz at 2020-06-28T14:12:17+02:00
mark CVE-2020-10753 as no-dsa for Jessie

- - - - -
985d4770 by Thorsten Alteholz at 2020-06-28T14:15:09+02:00
CVE-2016-4429 is fixed in libtirpc

- - - - -
db5fde2b by Thorsten Alteholz at 2020-06-28T14:15:34+02:00
Reserve DLA-2256-1 for libtirpc

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12770,6 +12770,7 @@ CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkMana
 	NOTE: plugin).
 CVE-2020-10753 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...)
 	- ceph <unfixed>
+	[jessie] - ceph <no-dsa> (Minor issue)
 	NOTE: https://github.com/ceph/ceph/pull/35773
 	NOTE: Fix: https://github.com/ceph/ceph/commit/1524d3c0c5cb11775313ea1e2bb36a93257947f2
 CVE-2020-10752 (A flaw was found in the OpenShift API Server, where it failed to suffi ...)
@@ -218619,7 +218620,6 @@ CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in sunrp
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20112
 	- libtirpc 0.2.5-1.1 (bug #840347)
-	[jessie] - libtirpc <no-dsa> (Minor issue)
 	[wheezy] - libtirpc <no-dsa> (Minor issue)
 CVE-2016-4428 (Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horiz ...)
 	{DSA-3617-1 DLA-520-1}


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Jun 2020] DLA-2256-1 libtirpc - security update
+	{CVE-2016-4429}
+	[jessie] - libtirpc 0.2.5-1+deb8u3
 [28 Jun 2020] DLA-2255-1 libtasn1-6 - security update
 	{CVE-2017-10790}
 	[jessie] - libtasn1-6 4.2-3+deb8u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d6bbbdfd223f36356b7e5c16dcba38287dd69a0e...db5fde2befc3bcf261d48a9d052bd253c2dcb1d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d6bbbdfd223f36356b7e5c16dcba38287dd69a0e...db5fde2befc3bcf261d48a9d052bd253c2dcb1d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200628/765490f6/attachment-0001.html>
