[Git][security-tracker-team/security-tracker][master] Reserve DLA-2831-1 for libntlm
Adrian Bunk (@bunk)
bunk at debian.org
Sun Nov 28 19:00:13 GMT 2021
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1ab96ba2 by Adrian Bunk at 2021-11-28T20:59:58+02:00
Reserve DLA-2831-1 for libntlm
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -150112,7 +150112,6 @@ CVE-2019-17455 (Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAu
{DLA-2207-1}
- libntlm 1.6-1 (bug #942145)
[buster] - libntlm 1.5-1+deb10u1
- [stretch] - libntlm <no-dsa> (Minor issue)
NOTE: https://gitlab.com/jas/libntlm/issues/2
NOTE: https://gitlab.com/jas/libntlm/-/commit/b967886873fcf19f816b9c0868465f2d9e5df85e
CVE-2019-17454 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTa ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Nov 2021] DLA-2831-1 libntlm - security update
+ {CVE-2019-17455}
+ [stretch] - libntlm 1.4-8+deb9u1
[28 Nov 2021] DLA-2830-1 tar - security update
{CVE-2018-20482}
[stretch] - tar 1.29b-1.1+deb9u1
=====================================
data/dla-needed.txt
=====================================
@@ -56,8 +56,6 @@ libgit2 (Utkarsh)
NOTE: 20211029: and TAL later next week. (utkarsh)
NOTE: 20211116: backports prepped; checking build and smoke-testing package. (utkarsh)
--
-libntlm (Adrian Bunk)
---
librecad (Sylvain Beucler)
NOTE: 20211127: also take care of other suites
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ab96ba29320ba8b321eebed52933a5c402848e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ab96ba29320ba8b321eebed52933a5c402848e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211128/63af99ef/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list