[Git][security-tracker-team/security-tracker][master] Reserve DLA-2458-1 for drupal7

Emilio Pozuelo Monfort pochu at debian.org
Thu Nov 19 11:31:46 GMT 2020 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72d53148 by Emilio Pozuelo Monfort at 2020-11-19T12:31:39+01:00
Reserve DLA-2458-1 for drupal7

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[19 Nov 2020] DLA-2458-1 drupal7 - security update
+	{CVE-2020-13666 CVE-2020-13671}
+	[stretch] - drupal7 7.52-2+deb9u12
 [19 Nov 2020] DLA-2457-1 firefox-esr - security update
 	{CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968}
 	[stretch] - firefox-esr 78.5.0esr-1~deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -46,10 +46,6 @@ condor
   NOTE: 20200712: Requested input on path forward from debian-lts at l.d.o (roberto)
   NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
 --
-drupal7
-  NOTE: 20201119: Upstream advisory for CVE-2020-13666 mentions potential for jQuery regression; may need to include a related note in the DLA. (roberto)
-  NOTE: 20201119: The maintainer has already uploaded the package: https://lists.debian.org/debian-lts-changes/2020/11/msg00032.html
---
 f2fs-tools
   NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to
   NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72d53148d3c20f98588b8ee42eca65f07a23bfc2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72d53148d3c20f98588b8ee42eca65f07a23bfc2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201119/bbfc27b3/attachment.html>

More information about the debian-security-tracker-commits mailing list