[Git][security-tracker-team/security-tracker][master] 2 commits: mark golang package as no-dsa

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sun May 23 15:11:58 BST 2021 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
deff09dc by Thorsten Alteholz at 2021-05-23T16:10:48+02:00
mark golang package as no-dsa

- - - - -
e2da6888 by Thorsten Alteholz at 2021-05-23T16:11:33+02:00
CVE marked as no-dsa, so nothing to do

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -32658,6 +32658,7 @@ CVE-2021-20207
 CVE-2021-20206 (An improper limitation of path name flaw was found in containernetwork ...)
 	- golang-github-appc-cni 0.8.1-1 (bug #983659)
 	[buster] - golang-github-appc-cni <no-dsa> (Minor issue; can be fixed via point release)
+	[stretch] - golang-github-appc-cni <no-dsa> (Minor issue)
 	NOTE: https://github.com/containernetworking/cni/pull/808
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1919391
 	TODO: check details, impact on docker.io?


=====================================
data/dla-needed.txt
=====================================
@@ -44,9 +44,6 @@ djvulibre
 eterm (Utkarsh)
   NOTE: 20210521: src/term.c:process_escape_seq(), probably just disable vulnerable escape sequence
 --
-golang-github-appc-cni (Thorsten Alteholz)
-  NOTE: 20210517: still WIP, trying to automize golang updates
---
 gpac (Thorsten Alteholz)
   NOTE: 20210510: WIP
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33653134a174c301ab364dc5db8992df394df287...e2da6888672f0f24e5953001b366368c3eafec48

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33653134a174c301ab364dc5db8992df394df287...e2da6888672f0f24e5953001b366368c3eafec48
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210523/fb518399/attachment.htm>

More information about the debian-security-tracker-commits mailing list