[Git][security-tracker-team/security-tracker][master] 3 commits: follow security team and mark CVE-2021-37620 as ignored

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sun Nov 21 22:41:39 GMT 2021



Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd58dbe7 by Thorsten Alteholz at 2021-11-21T23:35:07+01:00
follow security team and mark CVE-2021-37620 as ignored

- - - - -
0c88fae0 by Thorsten Alteholz at 2021-11-21T23:37:26+01:00
mark CVE-2021-34334 as no-dsa for Stretch

- - - - -
df8498d3 by Thorsten Alteholz at 2021-11-21T23:41:24+01:00
nothing todo

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -18742,6 +18742,7 @@ CVE-2021-37620 (Exiv2 is a command-line utility and C++ library for reading, wri
 	- exiv2 <unfixed>
 	[bullseye] - exiv2 <ignored> (Minor issue)
 	[buster] - exiv2 <ignored> (Minor issue)
+	[stretch] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
 	NOTE: https://github.com/Exiv2/exiv2/pull/1769
 CVE-2021-37619 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
@@ -26457,6 +26458,7 @@ CVE-2021-34335 (Exiv2 is a command-line utility and C++ library for reading, wri
 	NOTE: https://github.com/Exiv2/exiv2/pull/1750
 CVE-2021-34334 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
 	- exiv2 <unfixed> (bug #992706)
+	[stretch] - exiv2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p
 	NOTE: https://github.com/Exiv2/exiv2/pull/1766
 CVE-2021-34333 (A vulnerability has been identified in JT2Go (All versions < V13.2) ...)


=====================================
data/dla-needed.txt
=====================================
@@ -27,9 +27,6 @@ debian-archive-keyring
   NOTE: 20211018: Jonathan is prepping the branch; will work
   NOTE: 20211018: with him and upload and publish the DLA. (utkarsh)
 --
-exiv2 (Thorsten Alteholz)
-  NOTE: 20211109: testing package
---
 firefox-esr (Emilio)
   NOTE: 20211116: blocked on toolchain backports (pochu)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211121/113ffb45/attachment.htm>


More information about the debian-security-tracker-commits mailing list