[Git][security-tracker-team/security-tracker][master] 2 commits: mark two CVEs for freerdp as no-dsa in Stretch
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Fri Oct 22 23:36:06 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3e13f8a3 by Thorsten Alteholz at 2021-10-23T00:29:24+02:00
mark two CVEs for freerdp as no-dsa in Stretch
- - - - -
4d45f454 by Thorsten Alteholz at 2021-10-23T00:33:06+02:00
add opnejdk8
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5029,10 +5029,12 @@ CVE-2021-41161
CVE-2021-41160 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
- freerdp2 <unfixed>
- freerdp <removed>
+ [stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg
CVE-2021-41159 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
- freerdp2 <unfixed>
- freerdp <removed>
+ [stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vh34-m9h7-95xq
CVE-2021-41158
RESERVED
=====================================
data/dla-needed.txt
=====================================
@@ -62,6 +62,8 @@ nvidia-graphics-drivers
NOTE: package is in non-free but also in packages-to-support
NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077
--
+openjdk-8
+--
openssh (Utkarsh)
NOTE: 20211003: a backporting error for CVE-2018-15473 was reported in
NOTE: 20211003: Ubuntu (and can see the same code differences here);
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9828912313f9b8c7fd5822e24bad83edc33574f2...4d45f4544c469ffc0ea3b4b1bf8c9888397683e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9828912313f9b8c7fd5822e24bad83edc33574f2...4d45f4544c469ffc0ea3b4b1bf8c9888397683e8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211022/e3a6de85/attachment.htm>
More information about the debian-security-tracker-commits
mailing list