[Git][security-tracker-team/security-tracker][master] 4 commits: add aspell

Sun Jul 25 00:01:39 BST 2021


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dc86c99f by Thorsten Alteholz at 2021-07-25T00:35:18+02:00
add aspell

- - - - -
c9eba0cf by Thorsten Alteholz at 2021-07-25T00:35:18+02:00
add linuxptp

- - - - -
f5d0516c by Thorsten Alteholz at 2021-07-25T00:57:06+02:00
mark CVE-2019-11098 as no-dsa for Stretch

- - - - -
f3f98255 by Thorsten Alteholz at 2021-07-25T00:58:48+02:00
mark CVE-2021-32749 as no-dsa for Stretch

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10578,6 +10578,7 @@ CVE-2021-32750 (MuWire is a file publishing and networking tool that protects th
 CVE-2021-32749 (fail2ban is a daemon to ban hosts that cause multiple authentication e ...)
 	- fail2ban 0.11.2-2
 	[buster] - fail2ban <no-dsa> (Minor issue, can be fixed in point release)
+	[stretch] - fail2ban <no-dsa> (Minor issue, can be fixed after fix of regression)
 	NOTE: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
 	NOTE: https://github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9 (0.9)
 	NOTE: https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844 (0.10, 0.11, 1.0)
@@ -148326,6 +148327,7 @@ CVE-2019-11099
 CVE-2019-11098 (Insufficient input validation in MdeModulePkg in EDKII may allow an un ...)
 	- edk2 <unfixed>
 	[buster] - edk2 <no-dsa> (Minor issue)
+	[stretch] - edk2 <no-dsa> (Minor issue)
 	NOTE: https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1614
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=316


=====================================
data/dla-needed.txt
=====================================
@@ -18,6 +18,8 @@ ansible
   NOTE: 20210411: after that LTS. (apo)
   NOTE: 20210426: https://people.debian.org/~apo/lts/ansible/
 --
+aspell (Thorsten Alteholz)
+--
 ceph (Markus Koschany)
   NOTE: 20200707: Vulnerable to at least CVE-2018-14662. (lamby)
   NOTE: 20200707: Some discussion regarding removal <https://lists.debian.org/debian-lts/2020/04/msg00019.html> (lamby)
@@ -59,6 +61,8 @@ linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
 --
+linuxptp (Thorsten Alteholz
+--
 nettle (Emilio)
   NOTE: 20210719: difficult backport, wip (Emilio)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f864a8e87ef2d10efb06b36036c4421aa6504ecf...f3f98255fafed3e4fc41269c2a19d39fe7b01733

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f864a8e87ef2d10efb06b36036c4421aa6504ecf...f3f98255fafed3e4fc41269c2a19d39fe7b01733
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210724/a9f56499/attachment.htm>
