Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6666c45d by Moritz Muehlenhoff at 2019-09-01T21:32:21Z
node-fstream spu
rust crate triage
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -761,21 +761,26 @@ CVE-2018-20997 (An issue was discovered in the openssl
crate before 0.10.9 for R
- rust-openssl <not-affected> (Only affected 0.10.8, which was never in
the archive)
NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0010.html
CVE-2018-20996 (An issue was discovered in the crossbeam crate before 0.4.1
for Rust. ...)
- TODO: check
+ - rust-crossbeam-epoch <not-affected> (Fixed before initial upload to
archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0009.html
CVE-2018-20995 (An issue was discovered in the slice-deque crate before 0.1.16
for Rus ...)
- TODO: check
+ NOT-FOR-US: Rust crate slice-deque
CVE-2018-20994 (An issue was discovered in the trust-dns-proto crate before
0.5.0-alph ...)
- TODO: check
+ NOT-FOR-US: Rust crate trust-dns-proto
CVE-2018-20993 (An issue was discovered in the yaml-rust crate before 0.4.1
for Rust. ...)
- TODO: check
+ - rust-yaml-rust <not-affected> (Fixed before initial upload to archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0006.html
CVE-2018-20992 (An issue was discovered in the claxon crate before 0.4.1 for
Rust. Uni ...)
- TODO: check
+ NOT-FOR-US: Rust crate claxon
CVE-2018-20991 (An issue was discovered in the smallvec crate before 0.6.3 for
Rust. T ...)
- TODO: check
+ - rust-smallvec <not-affected> (Fixed before initial upload to archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0003.html
CVE-2018-20990 (An issue was discovered in the tar crate before 0.4.16 for
Rust. Arbit ...)
- TODO: check
+ - rust-tar <not-affected> (Fixed with initial upload to archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0002.html
CVE-2018-20989 (An issue was discovered in the untrusted crate before 0.6.2
for Rust. ...)
- TODO: check
+ - rust-untrusted <not-affected> (Fixed with initial upload to archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2018-0001.html
CVE-2017-18589 (An issue was discovered in the cookie crate before 0.7.6 for
Rust. Lar ...)
TODO: check
CVE-2017-18588 (An issue was discovered in the security-framework crate before
0.1.12 ...)
=====================================
data/next-point-update.txt
=====================================
@@ -149,3 +149,5 @@ CVE-2019-11727
[buster] - nss 2:3.42.1-1+deb10u1
CVE-2019-11729
[buster] - nss 2:3.42.1-1+deb10u1
+CVE-2019-13173
+ [buster] - node-fstream 1.0.10-1+deb10u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6666c45d90daa5b1423288b40ede4eae27fec476
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6666c45d90daa5b1423288b40ede4eae27fec476
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
