[Git][security-tracker-team/security-tracker][master] Reserve DLA-2615-1 for spamassassin

Thu Apr 1 22:20:46 BST 2021


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8674276 by Utkarsh Gupta at 2021-04-02T02:50:32+05:30
Reserve DLA-2615-1 for spamassassin

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[02 Apr 2021] DLA-2615-1 spamassassin - security update
+	{CVE-2020-1946}
+	[stretch] - spamassassin 3.4.2-1~deb9u4
 [01 Apr 2021] DLA-2614-1 busybox - security update
 	{CVE-2021-28831}
 	[stretch] - busybox 1:1.22.0-19+deb9u2


=====================================
data/dla-needed.txt
=====================================
@@ -139,8 +139,6 @@ shiro (Roberto C. Sánchez)
 smarty3 (Abhijith PA)
   NOTE: 20200322: CVE-2018-13982 need more time to backport (abhijith)
 --
-spamassassin (Utkarsh)
---
 spotweb
   NOTE: 20201220: The affected code uses string concatenation to construct a SQL query.
   NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. (roberto)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8674276ab89937b731cb53a8af939fedb965487

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8674276ab89937b731cb53a8af939fedb965487
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210401/aa2c2b68/attachment.htm>
