[Git][security-tracker-team/security-tracker][master] CVE-2020-5253/nethack: jessie end-of-life
Sylvain Beucler
beuc at debian.org
Mon Mar 16 12:28:00 GMT 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
14d62e59 by Sylvain Beucler at 2020-03-16T13:26:54+01:00
CVE-2020-5253/nethack: jessie end-of-life
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -12032,6 +12032,7 @@ CVE-2020-5254 (In NetHack before 3.6.6, some out-of-bound values for the hilite_
NOTE: Introduced with: https://github.com/NetHack/NetHack/commit/f8211f69f2008609b59fe4c9ba341ff1fa520825 (NetHack-3.6.1_RC01)
CVE-2020-5253 (NetHack before version 3.6.0 allowed malicious use of escaping of char ...)
- nethack 3.6.0-1
+ [jessie] - nethack <end-of-life> (Not supported in jessie LTS)
NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223m
NOTE: https://github.com/NetHack/NetHack/commit/612755bfb5c412079795c68ba392df5d93874ed8
CVE-2020-5252
=====================================
data/dla-needed.txt
=====================================
@@ -48,8 +48,6 @@ lua-cgi
NOTE: 20200227: The package do not seem to be used much, but the popcon data in this case
NOTE: 20200227: may not be entirelly reliable. One possibility is to declare it unsupported. (Ola)
--
-nethack (Utkarsh Gupta)
---
netkit-telnet
NOTE: 20200310: No patch available, yet. Only PoC. (sunweaver)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14d62e59b475b24ffb3fbc021b8c1fdfc2582d56
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14d62e59b475b24ffb3fbc021b8c1fdfc2582d56
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200316/0b331b9a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list