[Git][security-tracker-team/security-tracker][master] Reserve DLA-2419-1 for dompurify.js
Thorsten Alteholz
alteholz at debian.org
Thu Oct 29 16:01:30 GMT 2020
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40a2d6c0 by Thorsten Alteholz at 2020-10-29T17:01:23+01:00
Reserve DLA-2419-1 for dompurify.js
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Oct 2020] DLA-2419-1 dompurify.js - security update
+ {CVE-2019-16728 CVE-2020-26870}
+ [stretch] - dompurify.js 0.8.2~dfsg1-1+deb9u1
[29 Oct 2020] DLA-2418-1 libsndfile - security update
{CVE-2017-6892 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2018-19661 CVE-2018-19662 CVE-2018-19758 CVE-2019-3832}
[stretch] - libsndfile 1.0.27-3+deb9u1
=====================================
data/dla-needed.txt
=====================================
@@ -61,9 +61,6 @@ condor
NOTE: 20200712: Requested input on path forward from debian-lts at l.d.o (roberto)
NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
--
-dompurify.js (Thorsten Alteholz)
- NOTE: 20201013: Package only in stretch - needs investigation to identify patch. (lamby)
---
f2fs-tools
NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to
NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40a2d6c0280da5a0b4aeeee5f3900142b17073a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40a2d6c0280da5a0b4aeeee5f3900142b17073a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201029/ea4ca285/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list