Hugo Lefeuvre pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03967bc0 by Hugo Lefeuvre at 2019-05-20T09:45:19Z
Reserve DLA-1795-1 for graphicsmagick
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 May 2019] DLA-1795-1 graphicsmagick - security update
+ {CVE-2019-11473 CVE-2019-11474 CVE-2019-11505 CVE-2019-11506}
+ [jessie] - graphicsmagick 1.3.20-3+deb8u7
[19 May 2019] DLA-1794-1 libspring-security-2.0-java - security update
{CVE-2019-3795}
[jessie] - libspring-security-2.0-java 2.0.7.RELEASE-3+deb8u1
=====================================
data/dla-needed.txt
=====================================
@@ -30,11 +30,6 @@ evolution-ews
faad2 (Hugo Lefeuvre)
NOTE: 20190519: I have a few patches pending for open issues. Will be PR-ed
soon.
--
-graphicsmagick (Hugo Lefeuvre)
- NOTE: 20190512: preparing an update for recent buffer overflows.
- NOTE: 20190519: upload ready, but found regressions in 1.3.20-3+deb8u6. They
should
- NOTE: probably be handled first. Can I fix them in the same upload?
---
hdf5 (Hugo Lefeuvre)
NOTE: CVE-2018-17432: upstream claims to have fixed this in 1.10.5 (issue
HDF-10590)
NOTE: but not mentioned in release notes + no commit directly mentioning the
issue
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03967bc05f5aab3f62a5cc536ea78dffd8206262
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/03967bc05f5aab3f62a5cc536ea78dffd8206262
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
