[Git][security-tracker-team/security-tracker][master] Reserve DLA-1555-1 for libmspack

Fri, 26 Oct 2018 13:56:17 -0700 

Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c2db21d3 by Thorsten Alteholz at 2018-10-26T20:50:07Z
Reserve DLA-1555-1 for libmspack

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Oct 2018] DLA-1555-1 libmspack - security update
+       {CVE-2018-18584 CVE-2018-18585}
+       [jessie] - libmspack 0.5-1+deb8u3
 [25 Oct 2018] DLA-1554-2 389-ds-base - regression update
        [jessie] - 389-ds-base 1.3.3.5-4+deb8u5
 [25 Oct 2018] DLA-1554-1 389-ds-base - security update


=====================================
data/dla-needed.txt
=====================================
@@ -43,8 +43,6 @@ liblivemedia (Hugo Lefeuvre)
   NOTE: CVE entry says remote: "no", but it looks like a pretty exploitable 
remote vulnerability
   NOTE: (remote code execution)... CVE is very well documented so I think this 
is worth a patch
 --
-libmspack (Thorsten Alteholz)
---
 libspring-java (Abhijith PA)
   NOTE: 20181025: uses internal system & id to handle security issues, thus 
very hard chase all relevant commits. Contacted 
   NOTE: 20181025: upstream but they couldn't help either. Only way left is to 
mark remaining vulnerabilities as no-dsa. 



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2db21d3fa7e949207ce24b9dfda4192f7bdd9c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2db21d3fa7e949207ce24b9dfda4192f7bdd9c3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to