[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2019-3832 for libsndfile in Jessie LTS.

Sun, 17 Feb 2019 02:16:53 -0800 

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
815ff088 by Chris Lamb at 2019-02-17T10:13:44Z
Triage CVE-2019-3832 for libsndfile in Jessie LTS.

- - - - -
5066bb01 by Chris Lamb at 2019-02-17T10:14:37Z
Triage CVE-2019-8343 in nasm for Jessie LTS.

- - - - -
3c9605d0 by Chris Lamb at 2019-02-17T10:15:44Z
data/dla-needed.txt: Triage kde4libs for Jessie LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,6 +121,7 @@ CVE-2019-8344
 CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free 
in ...)
        - nasm <unfixed> (bug #922433)
        [stretch] - nasm <no-dsa> (Minor issue)
+       [jessie] - nasm <no-dsa> (Minor issue)
        NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392556
 CVE-2019-8342
        RESERVED
@@ -10285,6 +10286,7 @@ CVE-2019-3832 [incomplete fix for CVE-2018-19758]
        RESERVED
        - libsndfile <unfixed> (bug #922372)
        [stretch] - libsndfile <not-affected> (Incomplete fix for 
CVE-2018-19758 not applied)
+       [jessie] - libsndfile <not-affected> (Incomplete fix for CVE-2018-19758 
not applied)
        NOTE: 
https://github.com/erikd/libsndfile/issues/456#issuecomment-463542436
 CVE-2019-3831
        RESERVED


=====================================
data/dla-needed.txt
=====================================
@@ -54,6 +54,8 @@ jackson-databind
   NOTE: 20190210: this blacklist (class SubTypeValidator) is not available in 
Jessie
   NOTE: 20190210: should that be backported or the CVEs marked as no-dsa?
 --
+kde4libs
+--
 libav (Mike Gabriel)
   NOTE: 20190131: Re-added after ~deb8u5 upload. Still not done, yet.
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/bd9733343e5b37f7548c6f3e6fe02b186c3d2265...3c9605d05b1dab1d1adb8a8856592062465ab58a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/bd9733343e5b37f7548c6f3e6fe02b186c3d2265...3c9605d05b1dab1d1adb8a8856592062465ab58a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to