[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-3189 has been fixed

Mon, 24 Jun 2019 13:23:04 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
69f80d8f by Thorsten Alteholz at 2019-06-24T20:16:20Z
CVE-2016-3189 has been fixed

- - - - -
561884f4 by Thorsten Alteholz at 2019-06-24T20:16:20Z
Reserve DLA-1833-1 for bzip2

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -160119,7 +160119,6 @@ CVE-2016-3190 (The fill_xrgb32_lerp_opaque_spans 
function in cairo-image-composi
        NOTE: 
https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934
 CVE-2016-3189 (Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 
allows rem ...)
        - bzip2 1.0.6-8.1 (low; bug #827744)
-       [jessie] - bzip2 <no-dsa> (Minor issue)
        [wheezy] - bzip2 <no-dsa> (Minor issue)
 CVE-2016-3188 (The _prepopulate_request_walk function in the Prepopulate 
module 7.x-2 ...)
        NOT-FOR-US: Prepopulate module for Drupal


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[24 Jun 2019] DLA-1833-1 bzip2 - security update
+       {CVE-2016-3189 CVE-2019-12900}
+       [jessie] - bzip2 1.0.6-7+deb8u1
 [24 Jun 2019] DLA-1832-1 libvirt - security update
        {CVE-2019-10161 CVE-2019-10167}
        [jessie] - libvirt 1.2.9-9+deb8u7


=====================================
data/dla-needed.txt
=====================================
@@ -15,8 +15,6 @@ ansible (Abhijith PA)
 bind9 (Thorsten Alteholz)
   NOTE: 20190623: test package
 --
-bzip2 (Thorsten Alteholz)
---
 faad2 (Hugo Lefeuvre)
   NOTE: 20190519: I have a few patches pending for open issues. Will be PR-ed 
soon.
   NOTE: 20190525: see https://github.com/knik0/faad2/pull/36



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/107499a8cb05cc249ac1d39c318b7195ae3af0ee...561884f4006ce9240fc434c9963a1af9cb80262b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/107499a8cb05cc249ac1d39c318b7195ae3af0ee...561884f4006ce9240fc434c9963a1af9cb80262b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to