[Git][security-tracker-team/security-tracker][master] Reserve DLA-2724-1 for condor

Markus Koschany (@apo) apo at debian.org
Sun Aug 1 15:49:56 BST 2021



Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ba587f8a by Markus Koschany at 2021-08-01T16:49:49+02:00
Reserve DLA-2724-1 for condor

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Aug 2021] DLA-2724-1 condor - security update
+	{CVE-2019-18823}
+	[stretch] - condor 8.4.11~dfsg.1-1+deb9u1
 [31 Jul 2021] DLA-2723-1 linuxptp - security update
 	{CVE-2021-3570}
 	[stretch] - linuxptp 1.8-1+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -28,18 +28,6 @@ ceph (Markus Koschany)
   NOTE: 20210726: https://people.debian.org/~apo/lts/ceph/
   NOTE: 20210726: Patch for CVE-2018-16846 is not complete yet.
 --
-condor (Markus Koschany)
-  NOTE: 20200502: Upstream has only released workarounds; complete fix is still embargoed (roberto)
-  NOTE: 20200521: Still embargoed (eg. https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html). (lamby)
-  NOTE: 20200525: Fix: https://github.com/htcondor/htcondor/compare/V8_8_7...V8_8_8 (utkarsh)
-  NOTE: 20200531: Patches are linked from https://security-tracker.debian.org/tracker/CVE-2019-18823 (bunk)
-  NOTE: 20200627: Updates prepared (for jessie/stretch/buster); coordinating with security team for testing (roberto)
-  NOTE: 20200712: Requested input on path forward from debian-lts at l.d.o (roberto)
-  NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
-  NOTE: 20210205: Some patches seems to be available but not clear if it solves the whole issue or not. (ola)
-  NOTE: 20210726: https://people.debian.org/~apo/lts/condor/
-  NOTE: 20210726: Needs more testing
---
 curl (Adrian Bunk)
 --
 ffmpeg (Anton Gladky)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba587f8a49e695fa539b1f67a95b8a70f9e0373d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba587f8a49e695fa539b1f67a95b8a70f9e0373d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210801/8aa62014/attachment.htm>


More information about the debian-security-tracker-commits mailing list