list: Tag CVE-2018-14329 as for htslib in [jessie]. Upstream…

Mike Gabriel Tue, 17 Jul 2018 10:07:04 -0700

Mike Gabriel pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
465d0599 by Mike Gabriel at 2018-07-17T19:06:23+02:00
data/CVE/list: Tag CVE-2018-14329 as &lt;no-dsa&gt; for htslib in [jessie]. 
Upstream chose to ignore the issue and encounter it with user education.

  See https://github.com/samtools/htslib/issues/736#issuecomment-405638099

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,7 +19,9 @@ CVE-2018-14330
        RESERVED
 CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow 
local ...)
        - htslib <unfixed>
+       [jessie] - htslib <no-dsa> (Minor issue, ignored by upstream)
        NOTE: https://github.com/samtools/htslib/issues/736
+       NOTE: Upstream closed the issue, reasoning that fixing the issue would 
cause another set of problems.
 CVE-2018-14328
        RESERVED
 CVE-2018-14327



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/465d05999225761e220c0f45003609697f9bf8ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/465d05999225761e220c0f45003609697f9bf8ec
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] data/CVE/list: Tag CVE-2018-14329 as for htslib in [jessie]. Upstream…

Reply via email to