[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-10174/timeshift as no-dsa

Salvatore Bonaccorso carnil at debian.org
Sun Mar 15 18:11:15 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
31ef44ec by Salvatore Bonaccorso at 2020-03-15T19:09:23+01:00
Mark CVE-2020-10174/timeshift as no-dsa

Maintainer already proposed an update via buster-pu and this looks fine
to do. So mark it ahead with no-dsa.

- - - - -
cd44256c by Salvatore Bonaccorso at 2020-03-15T19:10:48+01:00
Track proposed update for timeshift via buster-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -895,6 +895,7 @@ CVE-2020-10175
 	REJECTED
 CVE-2020-10174 (init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely  ...)
 	- timeshift 20.03+ds-1 (bug #953385)
+	[buster] - timeshift <no-dsa> (Will be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/06/3
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1165802
 	NOTE: https://github.com/teejee2008/timeshift/commit/335b3d5398079278b8f7094c77bfd148b315b462


=====================================
data/next-point-update.txt
=====================================
@@ -47,3 +47,5 @@ CVE-2020-8130
 	[buster] - rake 12.3.1-3+deb10u1
 CVE-2020-7598
 	[buster] - node-minimist 1.2.0-1+deb10u1
+CVE-2020-10174
+	[buster] - timeshift 19.01+ds-2+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8cd46568d7d991c37a97570cec4a4b52aaa94e5a...cd44256c4e456c1aa816b9012e835d55f8fb9602

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8cd46568d7d991c37a97570cec4a4b52aaa94e5a...cd44256c4e456c1aa816b9012e835d55f8fb9602
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200315/08d27aaa/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list