[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-1000494 fixed in recent upload

Thu, 30 May 2019 10:05:55 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ef481864 by Thorsten Alteholz at 2019-05-30T16:59:37Z
CVE-2017-1000494 fixed in recent upload

- - - - -
0ff73890 by Thorsten Alteholz at 2019-05-30T16:59:52Z
Reserve DLA-1811-1 for miniupnpd

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -73218,7 +73218,6 @@ CVE-2017-1000495 (QuickApps CMS version 2.0.0 is 
vulnerable to Stored Cross-site
 CVE-2017-1000494 (Uninitialized stack variable vulnerability in 
NameValueParserEndElt (u ...)
        - miniupnpd 2.0.20171212-1 (bug #887129)
        [stretch] - miniupnpd 1.8.20140523-4.1+deb9u1
-       [jessie] - miniupnpd <no-dsa> (Minor issue)
        - miniupnpc 2.0.20171212-3 (unimportant)
        NOTE: https://github.com/miniupnp/miniupnp/issues/268
        NOTE: 
https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2019] DLA-1811-1 miniupnpd - security update
+       {CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 
CVE-2019-12110 CVE-2019-12111}
+       [jessie] - miniupnpd 1.8.20140523-4+deb8u1
 [30 May 2019] DLA-1810-1 tomcat7 - security update
        {CVE-2019-0221}
        [jessie] - tomcat7 7.0.56-3+really7.0.94-1


=====================================
data/dla-needed.txt
=====================================
@@ -75,8 +75,6 @@ linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
 --
-miniupnpd (Thorsten Alteholz)
---
 mupdf (Mike Gabriel)
   NOTE: 20190529: Upload candidate: 
http://packages.sunweavers.net/debian/pool/main/m/mupdf/mupdf_1.5-1+deb8u5.dsc
   NOTE: 20190529: Not yet fully tested.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/901466d1e28b71ca98e8684616f7da53688a6d58...0ff7389037099916ae79f7cd94728440c3136f07

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/901466d1e28b71ca98e8684616f7da53688a6d58...0ff7389037099916ae79f7cd94728440c3136f07
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to