[Git][security-tracker-team/security-tracker][master] Reserve DLA-2435-1 for guacamole-server
Markus Koschany
apo at debian.org
Thu Nov 5 22:59:22 GMT 2020
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
802a9e11 by Markus Koschany at 2020-11-05T23:59:03+01:00
Reserve DLA-2435-1 for guacamole-server
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Nov 2020] DLA-2435-1 guacamole-server - security update
+ {CVE-2020-9497 CVE-2020-9498}
+ [stretch] - guacamole-server 0.9.9-2+deb9u1
[05 Nov 2020] DLA-2434-1 gdm3 - security update
{CVE-2020-16125}
[stretch] - gdm3 3.22.3-3+deb9u3
=====================================
data/dla-needed.txt
=====================================
@@ -75,12 +75,6 @@ golang-github-dgrijalva-jwt-go
--
golang-golang-x-net-dev
--
-guacamole-server (Markus Koschany)
- NOTE: 20201026: Reported my findings to the maintainers and the
- NOTE: security team. Waiting for feedback. CVE is in guacamole-server not in
- NOTE: guacamole-client. Backporting the upstream patch seems viable.
- NOTE: release will be this week
---
lemonldap-ng (Utkarsh)
NOTE: 20200910: Released a DLA for CVE-2020-24660 a few days ago, so could defer. (lamby)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/802a9e11d65f74f9a9bc6e6ec2379364c714d352
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/802a9e11d65f74f9a9bc6e6ec2379364c714d352
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201105/d8730fed/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list