[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-28476 as no-dsa for Stretch
Thorsten Alteholz
alteholz at debian.org
Fri Feb 12 15:17:54 GMT 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bb8f8749 by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
mark CVE-2020-28476 as no-dsa for Stretch
- - - - -
adcc18b2 by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
add libebml
- - - - -
4c88dd9f by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
add activemq
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -24029,6 +24029,7 @@ CVE-2020-28477 (This affects all versions of package immer. ...)
CVE-2020-28476 (All versions of package tornado are vulnerable to Web Cache Poisoning ...)
- python-tornado <unfixed>
[buster] - python-tornado <no-dsa> (Minor issue)
+ [stretch] - python-tornado <no-dsa> (Minor issue)
NOTE: https://snyk.io/vuln/SNYK-PYTHON-TORNADO-1017109
CVE-2020-28475
RESERVED
=====================================
data/dla-needed.txt
=====================================
@@ -12,6 +12,8 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
To make it easier to see the entire history of an update, please append notes
rather than remove/replace existing ones.
+--
+activemq
--
ansible (Markus Koschany)
--
@@ -42,6 +44,8 @@ dnsmasq (Utkarsh)
firmware-nonfree
NOTE: 20201207: wait for the update in buster and backport that (Emilio)
--
+libebml (Thorsten Alteholz)
+--
libzstd (Utkarsh)
--
linux (Ben Hutchings)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94865815ef583b2f19598acd222d9aecbf60ee57...4c88dd9f6d2072106b45986ef043e508b59badb2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94865815ef583b2f19598acd222d9aecbf60ee57...4c88dd9f6d2072106b45986ef043e508b59badb2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210212/245e870f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list