Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2b23d4af by Thorsten Alteholz at 2018-12-02T21:35:45Z mark CVE-2018-19760 as no-dsa for Jessie - - - - - 030c8d5b by Thorsten Alteholz at 2018-12-02T21:40:27Z add jasper - - - - - c9e79efb by Thorsten Alteholz at 2018-12-02T21:41:53Z add freerdp - - - - - 95e5216e by Thorsten Alteholz at 2018-12-02T21:49:19Z add exiv2 - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -60,6 +60,7 @@ CVE-2018-19761 (There is an illegal address access at fromsixel.c (function: ... CVE-2018-19760 (cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. ...) - confuse <unfixed> (low) [stretch] - confuse <no-dsa> (Minor issue) + [jessie] - confuse <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1649152 CVE-2018-19759 (There is a heap-based buffer over-read at stb_image_write.h (function: ...) TODO: check ===================================== data/dla-needed.txt ===================================== @@ -16,6 +16,14 @@ cairo enigmail NOTE: 20181113: depends on gnupg2 updates, see 87r2fqnja0....@curie.anarc.at (anarcat) -- +exiv2 (Thorsten Alteholz) + NOTE: also recheck other CVEs +-- +freerdp + NOTE: 20181202: Mike is uploader, so he should probably take this +-- +jasper +-- libapache-mod-jk (Roberto C. Sánchez) NOTE: 20181123: Packages ready, testing complete, waiting on security team feedback, NOTE: 20181123: as this work includes an updated package for stretch. (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a1363ac565d4d5dd6ae5113021793eb03be620a7...95e5216e0781ef6afa06cf9228a30756ecc0f578 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a1363ac565d4d5dd6ae5113021793eb03be620a7...95e5216e0781ef6afa06cf9228a30756ecc0f578 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits