Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits: d4223e1a by Hugo Lefeuvre at 2019-08-13T08:15:55Z dla-needed: update tika entry - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -132,11 +132,8 @@ subversion NOTE: 20190804: For (at least) CVE-2018-11782 the svn_err_trace that is in the diff has not been added yet. (lamby) -- tika (Hugo Lefeuvre) - NOTE: probable fix for all three vulnerabilities: - NOTE: https://github.com/apache/tika/commit/426be73b9e7500fa3d441231fa4e473de34743f6 - NOTE: contacted tika developers to get confirmation: - NOTE: https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E - NOTE: 20190810: got answer privately, they should be able to confirm next week + NOTE: 20190813: found commit links and reproducers. + NOTE: currently having difficulties to reproduce issues. Asked maintainer for help (c.f. debian-lts ML) -- tomcat8 (Sylvain Beucler) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4223e1a2c8d7605817f571abe01d9d1e0dd52e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4223e1a2c8d7605817f571abe01d9d1e0dd52e9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
