[Git][security-tracker-team/security-tracker][master] Reserve DLA-2207-1 for libntlm

Anton Gladky gladk at debian.org
Sun May 10 16:01:45 BST 2020



Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
344e7f01 by Anton Gladky at 2020-05-10T17:01:35+02:00
Reserve DLA-2207-1 for libntlm

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[10 May 2020] DLA-2207-1 libntlm - security update
+	{CVE-2019-17455}
+	[jessie] - libntlm 1.4-3+deb8u1
 [09 May 2020] DLA-2206-1 thunderbird - security update
 	{CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397}
 	[jessie] - thunderbird 1:68.8.0-1~deb8u1


=====================================
data/dla-needed.txt
=====================================
@@ -56,12 +56,6 @@ libmatio (Adrian Bunk)
   NOTE: 20190428: older changes seem to also be required for them
   NOTE: 20200503: work is ongoing
 --
-libntlm (Anton Gladky)
-  NOTE: 20200502: Original upstream patch does not solve the problem completely
-  NOTE: 20200502: AddressSanitizer (ASAN) shows some more problems in the code
-  NOTE: 20200502: Reported https://gitlab.com/jas/libntlm/-/issues/2#note_335290826
-  NOTE: 20200502: Looks like a problem in the poc.c
---
 libsixel (Dylan Aïssi)
   NOTE: 20200416 minor issue(s), not patch(es), yet.
   NOTE: 20200503 ask for clarification to FD/Mike (daissi)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/344e7f01ab0aaf7241bcc2461e7c85872d89821f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/344e7f01ab0aaf7241bcc2461e7c85872d89821f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200510/b75f4642/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list