[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-24027/liblivemedia as no-dsa for stretch

Utkarsh Gupta utkarsh at debian.org
Mon Feb 1 21:04:29 GMT 2021 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
52c743ce by Utkarsh Gupta at 2021-02-02T02:34:15+05:30
Mark CVE-2020-24027/liblivemedia as no-dsa for stretch

- - - - -
c830bb5b by Utkarsh Gupta at 2021-02-02T02:34:16+05:30
Mark CVE-2021-2627{1,2}/ckeditor as postponed for stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -752,9 +752,11 @@ CVE-2021-3309 (packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can proce
 	NOT-FOR-US: Wekan
 CVE-2021-26272 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...)
 	- ckeditor <unfixed>
+	[stretch] - ckeditor <postponed> (Fix along next ELA)
 	NOTE: https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416
 CVE-2021-26271 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...)
 	- ckeditor <unfixed>
+	[stretch] - ckeditor <postponed> (Fix along next ELA)
 	NOTE: https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416
 CVE-2021-26270
 	RESERVED
@@ -34887,6 +34889,7 @@ CVE-2020-24028 (ForLogic Qualiex v1 and v3 allows any authenticated customer to
 CVE-2020-24027 (In Live Networks, Inc., liblivemedia version 20200625, there is a pote ...)
 	- liblivemedia <unfixed>
 	[buster] - liblivemedia <no-dsa> (Minor issue)
+	[stretch] - liblivemedia <no-dsa> (Minor issue)
 	NOTE: http://lists.live555.com/pipermail/live-devel/2020-July/021662.html
 	NOTE: Fixed in 2020.07.09 upstream, cf.
 	NOTE: http://www.live555.com/liveMedia/public/changelog.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/da58dae3485a6533253b2fbb89ab40622a95f2a6...c830bb5ba6a68892804fc4a726cb5fd169da53d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/da58dae3485a6533253b2fbb89ab40622a95f2a6...c830bb5ba6a68892804fc4a726cb5fd169da53d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210201/76c03b36/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list