[Git][security-tracker-team/security-tracker][master] CVE-2019-3866/mistral,python-oslo.utils: clarify/update stretch status
Sylvain Beucler (@beuc)
beuc at debian.org
Tue May 24 15:13:54 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
821ddda7 by Sylvain Beucler at 2022-05-24T16:13:23+02:00
CVE-2019-3866/mistral,python-oslo.utils: clarify/update stretch status
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -226921,14 +226921,14 @@ CVE-2019-3867 (A vulnerability was found in the Quay web application. Sessions i
CVE-2019-3866 (An information-exposure vulnerability was discovered where openstack-m ...)
- python-oslo.utils 3.41.3-1 (low; bug #946060)
[buster] - python-oslo.utils 3.36.5-0+deb10u1
- [stretch] - python-oslo.utils <no-dsa> (Minor issue; can be fixed via point release)
+ [stretch] - python-oslo.utils <ignored> (Minor issue; do fix if you intend to fix mistral)
[jessie] - python-oslo.utils <not-affected> (regex pattern rewrite)
- python-mistral-lib 1.2.0-3
[buster] - python-mistral-lib <no-dsa> (Minor issue)
- mistral 5.1.0-2
- [stretch] - mistral <no-dsa> (Minor issue; can be fixed via point release)
+ [stretch] - mistral <postponed> (Minor issue; local info-leak in restricted logs)
NOTE: In mistral/5.0.0 the problematic code was moved to the python library.
- NOTE: To be apply the fixes in mistral/python-mistral-lib as pre-requiste the
+ NOTE: To apply the fixes in mistral or python-mistral-lib, as pre-requisite the
NOTE: python-oslo.utils package needs an update.
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1768731
NOTE: https://bugs.launchpad.net/tripleo/+bug/1850843
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/821ddda7abce3fab7683dc9192cf2b2fd49685bc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/821ddda7abce3fab7683dc9192cf2b2fd49685bc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220524/65017395/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list