[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage CVE-2020-8865/php-horde-trean as no-dsa for jessie

Roberto C. Sánchez roberto at debian.org
Sun Mar 29 21:06:53 BST 2020 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
58d3784c by Roberto C. Sánchez at 2020-03-29T16:05:18-04:00
LTS: triage CVE-2020-8865/php-horde-trean as no-dsa for jessie

- - - - -
212f681f by Roberto C. Sánchez at 2020-03-29T16:06:34-04:00
LTS: remove php-horde-trean from dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5053,6 +5053,7 @@ CVE-2020-8865 (This vulnerability allows remote attackers to execute local PHP f
 	- php-horde-trean <unfixed> (bug #955019)
 	[buster] - php-horde-trean <no-dsa> (Minor issue)
 	[stretch] - php-horde-trean <no-dsa> (Minor issue)
+	[jessie] - php-horde-trean <no-dsa> (Minor issue)
 	NOTE: https://lists.horde.org/archives/announce/2020/001286.html
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-276/
 	NOTE: https://github.com/horde/trean/commit/db0714a0c04d87bda9e2852f1b0d259fc281ca75


=====================================
data/dla-needed.txt
=====================================
@@ -70,8 +70,6 @@ otrs2 (Abhijith PA)
 --
 php-horde-form (Roberto C. Sánchez)
 --
-php-horde-trean (Roberto C. Sánchez)
---
 qtbase-opensource-src (Mike Gabriel)
   NOTE: 20200224: No upstream fix available, yet. (sunweaver)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3f4f9ab137eb248a08bbd4d7599ae92bbe3efe89...212f681f2b2c5d09bad655ad4603842dab488aca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3f4f9ab137eb248a08bbd4d7599ae92bbe3efe89...212f681f2b2c5d09bad655ad4603842dab488aca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200329/061fef90/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list