[Git][security-tracker-team/security-tracker][master] 2 commits: follow security team and mark CVE-2021-3480 as no-dsa for Stretch

Thorsten Alteholz (@alteholz) alteholz at debian.org
Tue Jun 29 06:47:59 BST 2021 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7986d38 by Thorsten Alteholz at 2021-06-29T07:47:46+02:00
follow security team and mark CVE-2021-3480 as no-dsa for Stretch

- - - - -
b71c2017 by Thorsten Alteholz at 2021-06-29T07:47:46+02:00
nothing todo anymore

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13845,6 +13845,7 @@ CVE-2021-3480 (A flaw was found in slapi-nis in versions before 0.56.7. A NULL p
 	- slapi-nis 0.56.5-2 (bug #988736)
 	[bullseye] - slapi-nis <no-dsa> (Minor issue)
 	[buster] - slapi-nis <no-dsa> (Minor issue)
+	[stretch] - slapi-nis <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1944640
 	NOTE: https://pagure.io/slapi-nis/c/c7417ea2d534712e559b56ed45baa91c5d3d44db?branch=master
 CVE-2021-3479 (There's a flaw in OpenEXR's Scanline API functionality in versions bef ...)


=====================================
data/dla-needed.txt
=====================================
@@ -137,9 +137,6 @@ shiro
   NOTE: 20201220: Upstream has responded.  Working with them to backport fixes. (roberto)
   NOTE: 20210511: Upstream provided suggestions/guidance on testing of backported fixes; testing/tweaking is in progress. (roberto)
 --
-slapi-nis (Thorsten Alteholz)
-  NOTE: 20210620: WIP
---
 sogo (Anton Gladky)
   NOTE: 20210603: maybe mention in announcement the recommendation to invalidate user
   NOTE: 20210603: sessions (see upstream blog). (pochu)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9c683b317d099b67c4aff02385bd24f555c79728...b71c201726185dbecafd7b095fb8dd45e016c0f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9c683b317d099b67c4aff02385bd24f555c79728...b71c201726185dbecafd7b095fb8dd45e016c0f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210629/efa95cec/attachment.htm>

More information about the debian-security-tracker-commits mailing list