[Git][security-tracker-team/security-tracker][master] 2 commits: Wrap one linger note for readability

Thu, 05 Jul 2018 12:21:54 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b9b7654d by Salvatore Bonaccorso at 2018-07-05T20:41:41+02:00
Wrap one linger note for readability

- - - - -
dd6b5597 by Salvatore Bonaccorso at 2018-07-05T21:21:04+02:00
Track proposed git-annex update vie stretch-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3070,8 +3070,10 @@ CVE-2018-XXXX [OVE-20180430-0002: mpatch: protect 
against underflow in mpatch_ap
        - mercurial 4.6.1-1 (bug #901050)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
        NOTE: https://www.mercurial-scm.org/repo/hg/rev/1acfc35d478c
-       NOTE: there are actually 6 more patches required to completely fix bug 
#901050, see 
https://www.mercurial-scm.org/repo/hg-committed/log?rev=modifies%28%22mercurial%2Fmpatch.c%22%29+and+4.5%3A%3A
-       NOTE: upstream proposes we use OVE-20180430-0002 to cover all undefined 
behavior cases which the 6 patches fix
+       NOTE: there are actually 6 more patches required to completely fix bug 
#901050,
+       NOTE: see 
https://www.mercurial-scm.org/repo/hg-committed/log?rev=modifies%28%22mercurial%2Fmpatch.c%22%29+and+4.5%3A%3A
+       NOTE: upstream proposes we use OVE-20180430-0002 to cover all undefined 
behavior
+       NOTE: cases which the 6 patches fix
 CVE-2018-XXXX [OVE-20180430-0001: mpatch: be more careful about parsing binary 
patch data]
        - mercurial 4.6.1-1 (bug #901050)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29


=====================================
data/next-point-update.txt
=====================================
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -155,3 +155,7 @@ CVE-2018-11506
        [stretch] - linux 4.9.110-1
 CVE-2018-12233
        [stretch] - linux 4.9.110-1
+CVE-2018-10857
+       [stretch] - git-annex 6.20170101-1+deb9u2
+CVE-2018-10859
+       [stretch] - git-annex 6.20170101-1+deb9u2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/379c2521d412e6d3b94701b58fb8fde6b57db14c...dd6b5597356b0686b981248df18cd4455b17e8d0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/379c2521d412e6d3b94701b58fb8fde6b57db14c...dd6b5597356b0686b981248df18cd4455b17e8d0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to