[Git][security-tracker-team/security-tracker][master] Reserve DLA-2398-1 for puma

Wed Oct 7 09:47:22 BST 2020


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73f82897 by Abhijith PA at 2020-10-07T14:17:06+05:30
Reserve DLA-2398-1 for puma

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Oct 2020] DLA-2398-1 puma - security update
+	{CVE-2020-11076 CVE-2020-11077}
+	[stretch] - puma 3.6.0-1+deb9u1
 [06 Oct 2020] DLA-2397-1 php7.0 - security update
 	{CVE-2020-7070}
 	[stretch] - php7.0 7.0.33-0+deb9u10


=====================================
data/dla-needed.txt
=====================================
@@ -121,9 +121,6 @@ php-horde-trean
   NOTE: 20200829: Reconsidering CVE-2019-12095 and what has been written in https://bugs.horde.org/ticket/14926 (sunweaver)
   NOTE: 20200829: We may not expect too much activity regarding this by upstream. (sunweaver)
 --
-puma (Abhijith PA)
-  NOTE: 20200708: Vulnerable to (at least) CVE-2020-11076. (lamby)
---
 python3.5 (Thorsten Alteholz)
 --
 qtsvg-opensource-src (Adrian Bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73f8289791fb5b047bab37fd91f1e052dad2c465

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73f8289791fb5b047bab37fd91f1e052dad2c465
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201007/26aae2f9/attachment-0001.html>
