[Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Add twisted.

Sat Mar 14 20:21:21 GMT 2020


Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker


Commits:
433137f0 by Mike Gabriel at 2020-03-14T21:21:04+01:00
data/dla-needed.txt: Add twisted.

- - - - -
6ee790eb by Mike Gabriel at 2020-03-14T21:21:05+01:00
data/CVE/list: Mark icu/jessie as not affected by CVE-2020-10531.

- - - - -
fdb94867 by Mike Gabriel at 2020-03-14T21:21:07+01:00
data/CVE/list: Mark open CVEs for edk2/jessie as <end-of-life>. Package is in non-free.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -98,6 +98,7 @@ CVE-2020-10532 (The AD Helper component in WatchGuard Fireware before 5.8.5.1031
 CVE-2020-10531 (An issue was discovered in International Components for Unicode (ICU)  ...)
 	[experimental] - icu 66.1-2
 	- icu 63.2-3 (bug #953747)
+	[jessie] - icu <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1044570 (not public)
 	NOTE: Upstream ICU bug: https://unicode-org.atlassian.net/browse/ICU-20958 (private)
 	NOTE: Fixed by: https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
@@ -38939,11 +38940,13 @@ CVE-2019-14587
 	- edk2 0~20200229.4c0f6e34-1
 	[buster] - edk2 <no-dsa> (Minor issue)
 	[stretch] - edk2 <no-dsa> (Minor issue)
+	[jessie] - edk2 <end-of-life> (non-free)
 CVE-2019-14586
 	RESERVED
 	- edk2 0~20200229.4c0f6e34-1
 	[buster] - edk2 <no-dsa> (Minor issue)
 	[stretch] - edk2 <no-dsa> (Minor issue)
+	[jessie] - edk2 <end-of-life> (non-free)
 CVE-2019-14585
 	RESERVED
 CVE-2019-14584
@@ -39020,6 +39023,7 @@ CVE-2019-14558
 	- edk2 0~20200229.4c0f6e34-1
 	[buster] - edk2 <no-dsa> (Minor issue)
 	[stretch] - edk2 <no-dsa> (Minor issue)
+	[jessie] - edk2 <end-of-life> (non-free)
 CVE-2019-14557
 	RESERVED
 CVE-2019-14556


=====================================
data/dla-needed.txt
=====================================
@@ -89,6 +89,9 @@ tomcat8 (Abhijith PA)
  NOTE: 20200224: Guess embedding latest branch of 8.5.x in debian package is the way to go (abhijith)
  NOTE: 20200310: New CVEs piled up (abhijith)
 --
+twisted
+ NOTE: 20200314: No patches, yet. (sunweaver)
+--
 weechat (Thorsten Alteholz)
   NOTE: 20200309: work is ongoing
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fcc3e9d68ce640da0d566d862c5653ced2de96da...fdb948674621840998dfa751c21bdb42034d18cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fcc3e9d68ce640da0d566d862c5653ced2de96da...fdb948674621840998dfa751c21bdb42034d18cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200314/3e28c615/attachment-0001.html>
