Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1adab392 by Chris Lamb at 2019-02-11T15:37:01Z
data/dla-needed.txt: Triage python-django for jessie.
- - - - -
bf448b07 by Chris Lamb at 2019-02-11T15:37:20Z
Reserve DLA-1672-1 for curl
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[11 Feb 2019] DLA-1672-1 curl - security update
+ {CVE-2018-16890 CVE-2019-3822 CVE-2019-3823}
+ [jessie] - curl 7.38.0-4+deb8u14
[11 Feb 2019] DLA-1671-1 coturn - security update
{CVE-2018-4056 CVE-2018-4058 CVE-2018-4059}
[jessie] - coturn 4.2.1.2-1+deb8u1
=====================================
data/dla-needed.txt
=====================================
@@ -15,8 +15,6 @@ cairo
--
ceph
--
-curl (Chris Lamb)
---
drupal7
NOTE: 20190203: For CVE-2019-6339 CVE-2018-1000888 in php-pear need a fix. I
have uploaded drupal7 before.
NOTE: 20190203: I will look in to it in this week itself(abhijith)
@@ -104,6 +102,8 @@ phpmyadmin
polarssl
NOTE: 20121207: Not 100% sure if vulnerable. Upstream would prefer us to
move to latest version, etc. (!). (lamby)
--
+python-django
+--
python-gnupg
NOTE: 20190201: Bug can be reproduced on Buster/Sid with Jessie's version of
NOTE: python-gnupg. Reproducer will not work in Jessie environment because of
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb8dda88315b1dd3577d84e44600a56b1c5695a0...bf448b07ae6bd375393d01cadcadaaf747aaa395
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb8dda88315b1dd3577d84e44600a56b1c5695a0...bf448b07ae6bd375393d01cadcadaaf747aaa395
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
