[Git][security-tracker-team/security-tracker][master] Reserve DLA-2431-1 for libonig
Markus Koschany
apo at debian.org
Tue Nov 3 22:50:30 GMT 2020
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd23b411 by Markus Koschany at 2020-11-03T23:50:24+01:00
Reserve DLA-2431-1 for libonig
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Nov 2020] DLA-2431-1 libonig - security update
+ {CVE-2019-13224 CVE-2019-16163 CVE-2019-19012 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2020-26159}
+ [stretch] - libonig 6.1.3-2+deb9u1
[03 Nov 2020] DLA-2430-1 blueman - security update
{CVE-2020-15238}
[stretch] - blueman 2.0.4-1+deb9u1
=====================================
data/dla-needed.txt
=====================================
@@ -87,12 +87,6 @@ lemonldap-ng
--
libdatetime-timezone-perl (Adrian Bunk)
---
-libonig (Markus Koschany)
- NOTE: 20201026: Fix for CVE-2020-26159 is too trivial. Besides that, please consider
- NOTE: 20201026: fixing other errors mentioned in https://github.com/kkos/oniguruma/issues/207
- NOTE: 20201026: and the other 6/7 CVEs tagged as no-dsa in stretch but fixed in jessie. (utkarsh)
- NOTE: 20201026: release will be this week
---
libproxy (Emilio)
NOTE: 20201026: patch not sanctioned upstream yet (Emilio)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd23b4114dfc0359a535c4b4ce0d86996eaab501
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd23b4114dfc0359a535c4b4ce0d86996eaab501
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201103/abbab5ed/attachment.html>
More information about the debian-security-tracker-commits
mailing list