[Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage clamav for stretch LTS (CVE-2021-1405).

Chris Lamb lamby at debian.org
Tue Apr 13 10:23:13 BST 2021 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73666250 by Chris Lamb at 2021-04-13T10:21:22+01:00
data/dla-needed.txt: Triage clamav for stretch LTS (CVE-2021-1405).

- - - - -
da34adc2 by Chris Lamb at 2021-04-13T10:22:44+01:00
Triage CVE-2021-30184 in gnuchess for stretch LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -978,6 +978,7 @@ CVE-2021-30185 (CERN Indico before 2.3.4 can use an attacker-supplied Host heade
 CVE-2021-30184 (GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted ...)
 	- gnuchess <unfixed> (bug #986801)
 	[buster] - gnuchess <no-dsa> (Minor issue)
+	[stretch] - gnuchess <postponed> (Minor issue in a game; can be fixed in next update)
 	NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
 	NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00001.html
 CVE-2021-30183


=====================================
data/dla-needed.txt
=====================================
@@ -28,6 +28,8 @@ ceph
 cgal (Anton Gladky)
   NOTE: 20210404: https://salsa.debian.org/lts-team/packages/cgal WIP (gladk)
 --
+clamav
+--
 condor
   NOTE: 20200502: Upstream has only released workarounds; complete fix is still embargoed (roberto)
   NOTE: 20200521: Still embargoed (eg. https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html). (lamby)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cf2a080d41ac7814b2d5b2b4e461f8a2ff24e628...da34adc27f3cc5ee9e8e86f473b1c3c6f117fecf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cf2a080d41ac7814b2d5b2b4e461f8a2ff24e628...da34adc27f3cc5ee9e8e86f473b1c3c6f117fecf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210413/4fdd74bf/attachment.htm>

More information about the debian-security-tracker-commits mailing list