[Git][security-tracker-team/security-tracker][master] take firefox

Sun, 24 Mar 2019 04:02:39 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
06a07340 by Moritz Muehlenhoff at 2019-03-24T11:01:44Z
take firefox
qemu update

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1018,6 +1018,7 @@ CVE-2019-9824
        - qemu-kvm <removed>
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg01871.html
        NOTE: https://www.openwall.com/lists/oss-security/2019/03/18/1
+       NOTE: 
https://github.com/qemu/qemu/commit/d3222975c7d6cda9e25809dea05241188457b113
 CVE-2019-9823
        RESERVED
 CVE-2019-9822
@@ -3429,8 +3430,9 @@ CVE-2019-8936 [Crafted null dereference attack in 
authenticated mode 6 packet]
        NOTE: Relates/corresponds to 
https://gitlab.com/NTPsec/ntpsec/issues/509 for ntpsec
        NOTE: which has a separate CVE id CVE-2019-6445 specifically for 
src:ntpsec
 CVE-2019-8934 (hw/ppc/spapr.c in QEMU through 3.1.0 allows Information 
Exposure becau ...)
-       - qemu <unfixed> (bug #922923)
+       - qemu <unfixed> (low; bug #922923)
        [buster] - qemu <ignored> (Too intrusive to backport, marginal impact)
+       [stretch] - qemu <ignored> (Too intrusive to backport, marginal impact)
        - qemu-kvm <removed>
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html
 CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the 
uploads/ di ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -20,7 +20,7 @@ evolution
 faad2
   not yet fixed upstream
 --
-firefox-esr
+firefox-esr (jmm)
 --
 glusterfs
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a07340b3364be7b8be0080efccdbb853f6e5ba

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/06a07340b3364be7b8be0080efccdbb853f6e5ba
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to