[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-9928 is fixed in mcabber

Sun Jun 28 16:00:41 BST 2020


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f12bd738 by Thorsten Alteholz at 2020-06-28T17:00:00+02:00
CVE-2016-9928 is fixed in mcabber

- - - - -
977c1098 by Thorsten Alteholz at 2020-06-28T17:00:27+02:00
Reserve DLA-2260-1 for mcabber

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -201660,7 +201660,6 @@ CVE-2016-9444 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, a
 CVE-2016-9928 (MCabber before 1.0.4 is vulnerable to roster push attacks, which allow ...)
 	{DLA-724-1}
 	- mcabber 0.10.2-1.1 (bug #845258)
-	[jessie] - mcabber <no-dsa> (Minor issue)
 	NOTE: https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw
 	NOTE: Similar issue for mcabber as for gajim in CVE-2015-8688
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/09/5


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Jun 2020] DLA-2260-1 mcabber - security update
+	{CVE-2016-9928}
+	[jessie] - mcabber 0.10.2-1+deb8u1
 [28 Jun 2020] DLA-2259-1 picocom - security update
 	{CVE-2015-9059}
 	[jessie] - picocom 1.7-1+deb8u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64c05614ebf0d4037c24075fb0ae9b3389e20cef...977c10988ac8f4e8884b891dbc7be4901f83bbfa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64c05614ebf0d4037c24075fb0ae9b3389e20cef...977c10988ac8f4e8884b891dbc7be4901f83bbfa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200628/085c1d1d/attachment.html>
