Brian May pushed to branch master at Debian Security Tracker / security-tracker
Commits: dddd2c99 by Brian May at 2019-08-09T07:30:01Z Mark yara not-affected in Jessie and Stretch First version of yara to include the dex module was version 3.8.0: https://github.com/VirusTotal/yara/commit/e6e436008b7776a736960c2e53408e24c4323ddb As this bug is specific to the dex module, earlier versions are not affected. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -27189,6 +27189,8 @@ CVE-2019-5021 (Versions of the Official Alpine Linux Docker images (since v3.3) NOT-FOR-US: Official Alpine Linux Docker images CVE-2019-5020 (An exploitable denial of service vulnerability exists in the object lo ...) - yara 3.9.0-1 + [stretch] - yara <not-affected> (dex module introduced in 3.8.0) + [jessie] - yara <not-affected> (dex module introduced in 3.8.0) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0781 NOTE: https://github.com/VirusTotal/yara/issues/1023 NOTE: https://github.com/VirusTotal/yara/commit/1ecb0e66431bf5c5b4c2fdf622be969eb5f4a7cc ===================================== data/dla-needed.txt ===================================== @@ -146,5 +146,3 @@ xen -- xymon (Thorsten alteholz) -- -yara --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dddd2c992db7f95d89c7ebe65752ef79d39506b4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dddd2c992db7f95d89c7ebe65752ef79d39506b4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
