[Git][security-tracker-team/security-tracker][master] 2 commits: 'point release' for nfdump (CVE-2019-1010057 and CVE-2019-14459) just happened

Sat Sep 26 16:54:40 BST 2020


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4dc4b620 by Thorsten Alteholz at 2020-09-26T17:53:32+02:00
'point release' for nfdump (CVE-2019-1010057 and CVE-2019-14459) just happened

- - - - -
cbb7b7f8 by Thorsten Alteholz at 2020-09-26T17:54:28+02:00
Reserve DLA-2383-1 for nfdump

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77601,7 +77601,6 @@ CVE-2019-14460
 CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by an integer overflow in the fu ...)
 	- nfdump 1.6.18-1 (bug #933740)
 	[buster] - nfdump <no-dsa> (Minor issue)
-	[stretch] - nfdump <no-dsa> (Minor issue)
 	NOTE: https://github.com/phaag/nfdump/issues/171
 	NOTE: https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
 CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of ...)
@@ -92676,7 +92675,6 @@ CVE-2019-1010058
 	RESERVED
 CVE-2019-1010057 (nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact  ...)
 	- nfdump 1.6.17-1
-	[stretch] - nfdump <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/phaag/nfdump/issues/104
 	NOTE: https://github.com/phaag/nfdump/commit/9f0fe9563366f62a71d34c92229da3432ec5cf0e
 CVE-2019-1010056


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Sep 2020] DLA-2383-1 nfdump - security update
+	{CVE-2019-14459 CVE-2019-1010057}
+	[stretch] - nfdump 1.6.15-3+deb9u1
 [26 Sep 2020] DLA-2382-1 curl - security update
 	{CVE-2020-8231}
 	[stretch] - curl 7.52.1-5+deb9u12



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200926/0577b226/attachment.html>
