Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: bf34228f by Ola Lundqvist at 2018-09-19T06:28:14Z Triage results. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -282,7 +282,10 @@ CVE-2018-17058 RESERVED CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ...) - tcpdf <unfixed> (bug #908866) + [jessie] - tcpdf <ignored> (Minor issue) NOTE: https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26e + NOTE: Was considered minor for jessie since arbitrary deserialization + NOTE: is still possible using http and https. CVE-2018-17056 RESERVED CVE-2018-17055 ===================================== data/dla-needed.txt ===================================== @@ -90,6 +90,8 @@ suricata (Thorsten Alteholz) -- symfony (Thorsten Alteholz) -- +sympa +-- thunderbird -- xen View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf34228f593d5c4bf39c64cd9426b4d983321123 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bf34228f593d5c4bf39c64cd9426b4d983321123 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits