Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 55f7b1f3 by Chris Lamb at 2018-07-05T21:38:10+02:00 data/dla-needed.txt: Add dates for jetty. - - - - - 53526d8f by Chris Lamb at 2018-07-05T21:38:21+02:00 data/dla-needed.txt: Claim ca-certificates. - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -18,7 +18,7 @@ bouncycastle (Markus Koschany) -- busybox (Markus Koschany) -- -ca-certificates +ca-certificates (Chris Lamb) NOTE: 20180531: check if we need to perform an update before wheezy is EOL (anarcat) NOTE: 20180601: Will keep this open and check for jessie now. (lamby) -- @@ -39,15 +39,15 @@ graphicsmagick (Roberto C. Sánchez) intel-microcode -- jetty (Hugo Lefeuvre) - NOTE: jetty8 almost never marked as affected whereas jetty and jetty9 are. Reason ? - NOTE: CVE-2018-12536 fixed in latest upstream release. Looks like upstream - NOTE: voluntarily obfuscated the issue (fix hidden in unrelated changes). - NOTE: Fix (9.4.x): a51920d650d924cc2cea011995624b394437c6e0 - NOTE: (9.3.x): 53e8bc2a636707e896fd106fbee3596823c2cdc9 (closer to Debian versions) - NOTE: check before putting in the tracker. - NOTE: jetty: doesn't seem to be affected (Wheezy + Jessie) - NOTE: jetty8: still need to check (Wheezy + Jessie) - NOTE: jetty9: affected, will provide patches for stretch and testing + NOTE: 20180702: jetty8 almost never marked as affected whereas jetty and jetty9 are. Reason ? + NOTE: 20180702: CVE-2018-12536 fixed in latest upstream release. Looks like upstream + NOTE: 20180702: voluntarily obfuscated the issue (fix hidden in unrelated changes). + NOTE: 20180702: Fix (9.4.x): a51920d650d924cc2cea011995624b394437c6e0 + NOTE: 20180702: (9.3.x): 53e8bc2a636707e896fd106fbee3596823c2cdc9 (closer to Debian versions) + NOTE: 20180702: check before putting in the tracker. + NOTE: 20180702: jetty: doesn't seem to be affected (Wheezy + Jessie) + NOTE: 20180702: jetty8: still need to check (Wheezy + Jessie) + NOTE: 20180702: jetty9: affected, will provide patches for stretch and testing -- kdepim -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/dd6b5597356b0686b981248df18cd4455b17e8d0...53526d8f768c7de1ea41666dac153e2f43718685 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/dd6b5597356b0686b981248df18cd4455b17e8d0...53526d8f768c7de1ea41666dac153e2f43718685 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
