[Git][security-tracker-team/security-tracker][master] 4 commits: Remove one unused NOTE

Sun, 29 Dec 2019 03:59:55 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b75dc557 by Salvatore Bonaccorso at 2019-12-29T11:50:28Z
Remove one unused NOTE

- - - - -
4e6e16d9 by Salvatore Bonaccorso at 2019-12-29T11:55:41Z
Add upstream commit reference for CVE-2018-10852

- - - - -
b051178a by Salvatore Bonaccorso at 2019-12-29T11:56:14Z
Add fixed version for CVE-2018-10852/sssd

- - - - -
b42513ae by Salvatore Bonaccorso at 2019-12-29T11:58:02Z
Remove buster tagged source entry for CVE-2018-10852/sssd

The issue was fixed in 1.16.3 upstream, included in the 1.16.3-1 upload
to unstable and did make it apparently to buster.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72027,7 +72027,6 @@ CVE-2018-16883 (sssd versions from 1.13.0 to before 
2.0.0 did not properly restr
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1659862
        NOTE: Fixed in upstream 2.0.0 while refactoring code
        NOTE: Fixed by 
https://pagure.io/SSSD/sssd/c/fbe2476a3dd9be83ffa85c29dca26f734618d72d?branch=master
-       NOTE: Fixes for older branches will be provided in January 2019.
 CVE-2018-16882 (A use-after-free issue was found in the way the Linux kernel's 
KVM hyp ...)
        - linux 4.19.13-1
        [stretch] - linux <not-affected> (Vulnerable code not present)
@@ -88386,10 +88385,10 @@ CVE-2018-10853 (A flaw was found in the way Linux 
kernel KVM hypervisor before 4
        NOTE: Fixed by: 
https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
 CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the 
available s ...)
        {DLA-1429-1}
-       - sssd <unfixed> (bug #902860)
-       [buster] - sssd <no-dsa> (Minor issue)
+       - sssd 1.16.3-1 (bug #902860)
        [stretch] - sssd <no-dsa> (Minor issue)
        NOTE: https://pagure.io/SSSD/sssd/issue/3766
+       NOTE: 
https://pagure.io/SSSD/sssd/c/ed90a20a0f0e936eb00d268080716c0384ffb01d (master, 
ssd-1_16_3)
 CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 
4.1.5 and 4. ...)
        - pdns 4.1.5-1 (bug #913163)
        [stretch] - pdns 4.0.3-1+deb9u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/3ddc1c2172ff36a897b41a11bce2852c4ee69e7e...b42513ae30e2565a157a67580f1d1e89cfeddffc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/3ddc1c2172ff36a897b41a11bce2852c4ee69e7e...b42513ae30e2565a157a67580f1d1e89cfeddffc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to