Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits: 43581d33 by Hugo Lefeuvre at 2019-12-09T12:43:27Z dla: update notes, reclaim clamav, freeimage and reportlab - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -15,15 +15,16 @@ ansible NOTE: CVE-2019-14846 should be an easy fix. NOTE: CVE-2019-14858's upstream patch is too big; fails to work properly. (utkarsh2102) -- -clamav +clamav (Hugo Lefeuvre) + NOTE: waiting for 0.102.1 to enter stretch/buster. -- davical (Roberto C. Sánchez) -- firefox-esr (Emilio) -- -freeimage +freeimage (Hugo Lefeuvre) NOTE: 20191028: submitted a patch for CVE-2019-12211, see Debian bug report - NOTE: 20191123: upstream appears to have merged a modified version of my patch + NOTE: 20191209: upload pending -- ibus NOTE: 20191210: Requires glib2.0 to be patched also. @@ -90,8 +91,8 @@ php-horde-trean (Roberto C. Sánchez) python-oslo.utils (Abhijith PA) NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102) -- -python-reportlab - NOTE: 20191123: still no upstream fix +python-reportlab (Hugo Lefeuvre) + NOTE: 20191209: still no upstream fix -- radare2 NOTE: 20190816: Affected by CVE-2019-14745. Vulnerable code is in View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43581d33a4670734daa55274867993301c434804 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43581d33a4670734daa55274867993301c434804 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
