[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2021-39212 as no-dsa for Stretch
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sun Sep 26 18:17:25 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b2719494 by Thorsten Alteholz at 2021-09-26T19:01:19+02:00
mark CVE-2021-39212 as no-dsa for Stretch
- - - - -
1f7229af by Thorsten Alteholz at 2021-09-26T19:08:03+02:00
add nghttp2
- - - - -
053ec979 by Thorsten Alteholz at 2021-09-26T19:15:55+02:00
add weechat
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5540,6 +5540,7 @@ CVE-2021-39213 (GLPI is a free Asset and IT management software package. Startin
NOTE: Only supported behind an authenticated HTTP zone
CVE-2021-39212 (ImageMagick is free software delivered as a ready-to-run binary distri ...)
- imagemagick <unfixed>
+ [stretch] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr
NOTE: https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68
NOTE: https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e
=====================================
data/dla-needed.txt
=====================================
@@ -60,6 +60,8 @@ mosquitto
NOTE: 20210805: coordinating upload to buster before DLA for Stretch (codehelp)
NOTE: 20210806: CVE-2021-34432 ignored in buster and stretch. Vulnerable code not accessible. (codehelp)
--
+nghttp2
+--
ntfs-3g (Abhijith PA)
--
nvidia-graphics-drivers
@@ -114,3 +116,5 @@ tiff (Utkarsh)
--
uwsgi (Sylvain Beucler)
--
+weechat
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/100a486da6492bacc8122f4e8950290bb9946b87...053ec9792b45cd6331467748878b08c81babe006
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/100a486da6492bacc8122f4e8950290bb9946b87...053ec9792b45cd6331467748878b08c81babe006
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210926/1260269f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list