[Git][security-tracker-team/security-tracker][master] 3 commits: follow security team and mark CVE-2021-37620 as ignored
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sun Nov 21 22:41:39 GMT 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fd58dbe7 by Thorsten Alteholz at 2021-11-21T23:35:07+01:00
follow security team and mark CVE-2021-37620 as ignored
- - - - -
0c88fae0 by Thorsten Alteholz at 2021-11-21T23:37:26+01:00
mark CVE-2021-34334 as no-dsa for Stretch
- - - - -
df8498d3 by Thorsten Alteholz at 2021-11-21T23:41:24+01:00
nothing todo
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -18742,6 +18742,7 @@ CVE-2021-37620 (Exiv2 is a command-line utility and C++ library for reading, wri
- exiv2 <unfixed>
[bullseye] - exiv2 <ignored> (Minor issue)
[buster] - exiv2 <ignored> (Minor issue)
+ [stretch] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
NOTE: https://github.com/Exiv2/exiv2/pull/1769
CVE-2021-37619 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
@@ -26457,6 +26458,7 @@ CVE-2021-34335 (Exiv2 is a command-line utility and C++ library for reading, wri
NOTE: https://github.com/Exiv2/exiv2/pull/1750
CVE-2021-34334 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed> (bug #992706)
+ [stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p
NOTE: https://github.com/Exiv2/exiv2/pull/1766
CVE-2021-34333 (A vulnerability has been identified in JT2Go (All versions < V13.2) ...)
=====================================
data/dla-needed.txt
=====================================
@@ -27,9 +27,6 @@ debian-archive-keyring
NOTE: 20211018: Jonathan is prepping the branch; will work
NOTE: 20211018: with him and upload and publish the DLA. (utkarsh)
--
-exiv2 (Thorsten Alteholz)
- NOTE: 20211109: testing package
---
firefox-esr (Emilio)
NOTE: 20211116: blocked on toolchain backports (pochu)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211121/113ffb45/attachment.htm>
More information about the debian-security-tracker-commits
mailing list