Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7b1c66f0 by Thorsten Alteholz at 2018-11-28T14:05:31Z readd ghostscript - - - - - 7d93be21 by Thorsten Alteholz at 2018-11-28T14:12:34Z mark CVE-2018-19591 as not affected for Jessie - - - - - 5d41613b by Thorsten Alteholz at 2018-11-28T14:14:59Z add samba - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -2056,6 +2056,7 @@ CVE-2018-19591 [Linux if_nametoindex() does not close descriptor] RESERVED - glibc <unfixed> (bug #914837) [stretch] - glibc <not-affected> (Vulnerable code introduced later and not backported to stretch) + [jessie] - glibc <not-affected> (Vulnerable code introduced later and not backported to jessie) - eglibc <removed> NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23927 NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d527c860f5a3f0ed687bd03f0cb464612dc23408 ===================================== data/dla-needed.txt ===================================== @@ -16,6 +16,8 @@ cairo enigmail NOTE: 20181113: depends on gnupg2 updates, see 87r2fqnja0....@curie.anarc.at (anarcat) -- +ghostscript +-- libapache-mod-jk (Roberto C. Sánchez) NOTE: 20181123: Packages ready, testing complete, waiting on security team feedback, NOTE: 20181123: as this work includes an updated package for stretch. (roberto) @@ -52,6 +54,8 @@ php5 (Roberto C. Sánchez) qemu (Santiago) NOTE: 20181121: Call for testers: https://lists.debian.org/debian-lts/2018/11/msg00104.html -- +samba +-- salt (Mike Gabriel) NOTE: 20181128: Have spent 0.75h on looking for the actual commits that fixed both open CVEs. NOTE: 20181128: No such URLs / hints / messages in Git log found. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9711fb12f8d3298b243f64c4ec76e3fc6d7e14f1...5d41613b6c3cdffea3dddd889c57883828cfe260 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9711fb12f8d3298b243f64c4ec76e3fc6d7e14f1...5d41613b6c3cdffea3dddd889c57883828cfe260 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits