[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage CVE-2020-24659/gnutls28 as <not-affected> for stretch
Roberto C. Sánchez
roberto at debian.org
Thu Sep 24 21:51:48 BST 2020
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0717bf79 by Roberto C. Sánchez at 2020-09-24T16:50:49-04:00
LTS: triage CVE-2020-24659/gnutls28 as <not-affected> for stretch
- - - - -
d474b9d6 by Roberto C. Sánchez at 2020-09-24T16:51:37-04:00
LTS: remove gnutls28 from dla-needed.txt, no open issues
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3112,6 +3112,7 @@ CVE-2020-24660 (An issue was discovered in LemonLDAP::NG through 2.0.8, when NGI
CVE-2020-24659 (An issue was discovered in GnuTLS before 3.6.15. A server can trigger ...)
- gnutls28 3.6.15-1 (bug #969547)
[buster] - gnutls28 <no-dsa> (Minor issue)
+ [stretch] - gnutls28 <not-affected> (Vulnerable code introduced later)
NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1071
NOTE: https://gitlab.com/gnutls/gnutls/-/commit/29ee67c205855e848a0a26e6d0e4f65b6b943e0a
=====================================
data/dla-needed.txt
=====================================
@@ -76,9 +76,6 @@ fossil
--
freerdp
--
-gnutls28 (Roberto C. Sánchez)
- NOTE: 20200920: WIP
---
golang-1.7
--
golang-1.8
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b0316b0cf79a15340c2de5317143f7c91d6d05c4...d474b9d6a604d6712bf97d73a21c324bff08c455
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b0316b0cf79a15340c2de5317143f7c91d6d05c4...d474b9d6a604d6712bf97d73a21c324bff08c455
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200924/df8a9c17/attachment.html>
More information about the debian-security-tracker-commits
mailing list