[Git][security-tracker-team/security-tracker][master] Mark current curl issues as no-dsa for buster

Tue Oct 13 14:01:08 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a93ba4e0 by Salvatore Bonaccorso at 2020-10-13T15:00:30+02:00
Mark current curl issues as no-dsa for buster

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -44470,6 +44470,7 @@ CVE-2020-8231
 	RESERVED
 	{DLA-2382-1}
 	- curl 7.72.0-1 (bug #968831)
+	[buster] - curl <no-dsa> (Minor issue)
 	NOTE: https://curl.haxx.se/docs/CVE-2020-8231.html
 	NOTE: https://github.com/curl/curl/pull/5824
 	NOTE: https://github.com/curl/curl/commit/3c9e021f86872baae412a427e807fbfa2f3e8
@@ -44609,6 +44610,7 @@ CVE-2020-8177
 	RESERVED
 	{DLA-2295-1}
 	- curl 7.72.0-1 (bug #965281)
+	[buster] - curl <no-dsa> (Minor issue)
 	NOTE: https://curl.haxx.se/docs/CVE-2020-8177.html
 	NOTE: https://github.com/curl/curl/commit/8236aba58542c5f89f1d41ca09d84579efb05e22 (7.71.0)
 CVE-2020-8176 (A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.6 ...)
@@ -44633,6 +44635,7 @@ CVE-2020-8170 (We have recently released new version of AirMax AirOS firmware v6
 CVE-2020-8169
 	RESERVED
 	- curl 7.72.0-1 (bug #965280)
+	[buster] - curl <no-dsa> (Minor issue)
 	[stretch] - curl <not-affected> (Vulnerable code introduced later)
 	[jessie] - curl <not-affected> (Vulnerable code introduced later)
 	NOTE: https://curl.haxx.se/docs/CVE-2020-8169.html


=====================================
data/dsa-needed.txt
=====================================
@@ -16,8 +16,6 @@ ansible
 --
 chromium
 --
-curl (ghedo)
---
 httpcomponents-client
   Markus prepared an update
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93ba4e092620564826bcbd552679b5f1066cf9d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93ba4e092620564826bcbd552679b5f1066cf9d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201013/dd79fcb8/attachment.html>
