[Git][security-tracker-team/security-tracker][master] calamares-settings-debian no-dsa

Mon, 08 Jul 2019 13:48:14 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8e5f1c21 by Moritz Muehlenhoff at 2019-07-08T20:47:14Z
calamares-settings-debian no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -607,6 +607,7 @@ CVE-2019-13180
 CVE-2019-13179 (Calamares versions 3.1 through 3.2.10 copies a LUKS encryption 
keyfile ...)
        - calamares 3.2.11-1 (bug #931392)
        - calamares-settings-debian 10.0.23-1 (bug #931373)
+       [buster] - calamares-settings-debian <no-dsa> (Will be fixed via Buster 
point release)
        NOTE: https://github.com/calamares/calamares/issues/1191
        NOTE: 
https://github.com/calamares/calamares/commit/003096698627a527b589c0c929dda4d58f23fd93
        NOTE: The issue itself can be adressed as well via 
calamares-settings-debian and
@@ -615,9 +616,10 @@ CVE-2019-13179 (Calamares versions 3.1 through 3.2.10 
copies a LUKS encryption k
        NOTE: 
https://github.com/calamares/calamares/commit/43eb664e7d44d963bb7b82d03215d84b47100ba0
        NOTE: Fixed by: 
https://github.com/calamares/calamares/commit/c9b675cbc64ac5aab35ddd86a64311abd50f7720
 CVE-2019-13178 (modules/luksbootkeyfile/main.py in Calamares versions 3.1 
through 3.2. ...)
-       - calamares 3.2.11-1 (bug #931391)
+       - calamares 3.2.11-1 (unimportant; bug #931391)
        NOTE: https://github.com/calamares/calamares/issues/1190
        NOTE: Fixed by: 
https://github.com/calamares/calamares/commit/c9b675cbc64ac5aab35ddd86a64311abd50f7720
+       NOTE: Negligible security impact, Debian live media grant a sudo root 
shell anyway
 CVE-2019-13177 (verification.py in django-rest-registration (aka Django REST 
Registrat ...)
        NOT-FOR-US: django-rest-registration
 CVE-2019-13176



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8e5f1c21f7af00aec6974508ce4ad1b4bdc530c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8e5f1c21f7af00aec6974508ce4ad1b4bdc530c2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to