Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a4af964f by Moritz Muehlenhoff at 2018-11-11T21:43:22Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -163,10 +163,12 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated
users to bypass intended
NOT-FOR-US: tianti
CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp
in the PSD ...)
- exiv2 <unfixed> (bug #913272)
+ [stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/426
NOTE: https://github.com/Exiv2/exiv2/pull/518
CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called
from ...)
- exiv2 <unfixed> (bug #913273)
+ [stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/427
NOTE: https://github.com/Exiv2/exiv2/pull/518
CVE-2018-19106
=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ ansible
--
ceph
--
+chromium-browser
+--
glusterfs
--
gnutls28
@@ -42,10 +44,14 @@ mariadb-10.1/stable
--
mercurial
--
+mkvtoolnix
+--
openjpeg2 (luciano)
--
passenger
--
+pdns
+--
php7.0
wait until more severe issues have come up
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
