[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14983/chocolate-doom: precise stretch triage

Sylvain Beucler (@beuc) beuc at debian.org
Thu Apr 21 08:16:11 BST 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c274565 by Sylvain Beucler at 2022-04-21T09:08:59+02:00
CVE-2020-14983/chocolate-doom: precise stretch triage

- - - - -
617fa593 by Sylvain Beucler at 2022-04-21T09:10:04+02:00
CVE-2018-1311/xerces-c: precise stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -134392,7 +134392,7 @@ CVE-2020-14983 (The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't
 	[buster] - crispy-doom <no-dsa> (Minor issue)
 	- chocolate-doom 3.0.1-1
 	[buster] - chocolate-doom 3.0.0-4+deb10u1
-	[stretch] - chocolate-doom <no-dsa> (Minor issue)
+	[stretch] - chocolate-doom <end-of-life> (games are not supported)
 	[jessie] - chocolate-doom <end-of-life> (games are not supported)
 	NOTE: https://github.com/chocolate-doom/chocolate-doom/issues/1293
 	NOTE: https://github.com/chocolate-doom/chocolate-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
@@ -282800,7 +282800,7 @@ CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest a
 CVE-2018-1311 (The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ...)
 	{DSA-4814-1}
 	- xerces-c 3.2.3+debian-2 (bug #947431)
-	[stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream, mitigated in DLA 2498-1)
+	[stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream, fixed with memory leak in DLA 2498-1)
 	[jessie] - xerces-c <postponed> (slow upstream interest, proper fix likely to break ABI compatibility)
 	NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2018-1311.txt
 	NOTE: https://issues.apache.org/jira/browse/XERCESC-2188



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d869d989da3d4fa8ae376b5a69fcf5c8367da2...617fa593fda27b5819f1b9e7139416eca31453d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d869d989da3d4fa8ae376b5a69fcf5c8367da2...617fa593fda27b5819f1b9e7139416eca31453d9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220421/926a3379/attachment.htm>

More information about the debian-security-tracker-commits mailing list