[Git][security-tracker-team/security-tracker][master] 3 commits: Mark ssvnc issues as no-dsa

Salvatore Bonaccorso carnil at debian.org
Sun May 31 20:19:07 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3093774 by Salvatore Bonaccorso at 2020-05-31T21:18:52+02:00
Mark ssvnc issues as no-dsa

- - - - -
6b4161ff by Salvatore Bonaccorso at 2020-05-31T21:18:52+02:00
Track proposed fixes for ssnvc via buster-pu

- - - - -
bde840ec by Salvatore Bonaccorso at 2020-05-31T21:18:52+02:00
Track proposed ssvnc fixes via stretch-pu

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -86196,6 +86196,8 @@ CVE-2018-20024 (LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 co
 	- italc <removed>
 	[stretch] - italc 1:3.0.3+dfsg1-1+deb9u1
 	- ssvnc 1.0.29-5 (bug #945827)
+	[buster] - ssvnc <no-dsa> (Minor issue)
+	[stretch] - ssvnc <no-dsa> (Minor issue)
 	- veyon 4.1.4+repack1-1
 	NOTE: https://github.com/LibVNC/libvncserver/issues/254
 	NOTE: https://github.com/LibVNC/libvncserver/commit/4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7
@@ -86215,6 +86217,8 @@ CVE-2018-20022 (LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains
 	- italc <removed>
 	[stretch] - italc 1:3.0.3+dfsg1-1+deb9u1
 	- ssvnc 1.0.29-5 (bug #945827)
+	[buster] - ssvnc <no-dsa> (Minor issue)
+	[stretch] - ssvnc <no-dsa> (Minor issue)
 	- tightvnc 1:1.3.9-9.1
 	[buster] - tightvnc 1:1.3.9-9deb10u1
 	[stretch] - tightvnc 1:1.3.9-9+deb9u1
@@ -86228,6 +86232,8 @@ CVE-2018-20021 (LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c co
 	- italc <removed>
 	[stretch] - italc 1:3.0.3+dfsg1-1+deb9u1
 	- ssvnc 1.0.29-5 (bug #945827)
+	[buster] - ssvnc <no-dsa> (Minor issue)
+	[stretch] - ssvnc <no-dsa> (Minor issue)
 	- tightvnc 1:1.3.9-9.1
 	[buster] - tightvnc 1:1.3.9-9deb10u1
 	[stretch] - tightvnc 1:1.3.9-9+deb9u1
@@ -86241,6 +86247,8 @@ CVE-2018-20020 (LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d co
 	- italc <removed>
 	[stretch] - italc <not-affected> (Incomplete fix for CVE-2018-20019 not applied)
 	- ssvnc 1.0.29-5 (bug #945827)
+	[buster] - ssvnc <no-dsa> (Minor issue)
+	[stretch] - ssvnc <no-dsa> (Minor issue)
 	- veyon 4.1.4+repack1-1
 	NOTE: https://github.com/LibVNC/libvncserver/issues/250
 	NOTE: https://github.com/LibVNC/libvncserver/commit/09f2f3fb6a5a163e453e5c2979054670c39694bc


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -96,3 +96,11 @@ CVE-2020-0093
 	[stretch] - libexif 0.6.21-2+deb9u2
 CVE-2020-8034
 	[stretch] - php-horde-gollem 3.0.10-1+deb9u1
+CVE-2018-20020
+	[stretch] - ssvnc 1.0.29-3+deb9u1
+CVE-2018-20021
+	[stretch] - ssvnc 1.0.29-3+deb9u1
+CVE-2018-20022
+	[stretch] - ssvnc 1.0.29-3+deb9u1
+CVE-2018-20024
+	[stretch] - ssvnc 1.0.29-3+deb9u1


=====================================
data/next-point-update.txt
=====================================
@@ -32,3 +32,11 @@ CVE-2020-0093
 	[buster] - libexif 0.6.21-5.1+deb10u2
 CVE-2020-8034
 	[buster] - php-horde-gollem 3.0.12-3+deb10u1
+CVE-2018-20020
+	[buster] - ssvnc 1.0.29-4+deb10u1
+CVE-2018-20021
+	[buster] - ssvnc 1.0.29-4+deb10u1
+CVE-2018-20022
+	[buster] - ssvnc 1.0.29-4+deb10u1
+CVE-2018-20024
+	[buster] - ssvnc 1.0.29-4+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ec84e3a404ab98086bf3d3e4added420aa14b42c...bde840ec547526586325580b2ae8997ddde92a25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ec84e3a404ab98086bf3d3e4added420aa14b42c...bde840ec547526586325580b2ae8997ddde92a25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200531/c161a08b/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list