[Git][security-tracker-team/security-tracker][master] 2 commits: LTS/annotate CVE-2020-1712/systemd as not affecting jessie

Tue, 18 Feb 2020 14:58:01 -0800 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
063e82ef by Roberto C. Sánchez at 2020-02-18T17:56:22-05:00
LTS/annotate CVE-2020-1712/systemd as not affecting jessie

- - - - -
c9da3e61 by Roberto C. Sánchez at 2020-02-18T17:57:14-05:00
LTS/remove systemd from dla-needed.txt, no open vulnerabilities

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -18669,6 +18669,7 @@ CVE-2020-1713
 CVE-2020-1712 [heap use-after-free vulnerability]
        RESERVED
        - systemd 244.2-1 (bug #950732)
+       [jessie] - systemd <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/systemd/systemd/commit/773b1a7916bfce3aa2a21ecf534d475032e8528e
 (preparation)
        NOTE: 
https://github.com/systemd/systemd/commit/95f82ae9d774f3508ce89dcbdd0714ef7385df59
 (preparation)
        NOTE: 
https://github.com/systemd/systemd/commit/7f56982289275ce84e20f0554475864953e6aaab
 (preparation)


=====================================
data/dla-needed.txt
=====================================
@@ -103,9 +103,6 @@ squid3 (Markus Koschany)
   NOTE: 20200120: or the absolute function is the issue but it is hard to tell 
without more
   NOTE: 20200120: details on the intention. (Ola)
 --
-systemd (Roberto C. Sánchez)
-  NOTE: 20200218: systemd in Jessie is probably not affected by CVE-2020-1712 
but recheck
---
 tomcat8 (Abhijith PA)
  NOTE: 20200106: Almost done. Working on failing testcase.
  NOTE: 20200210: TestFormAuthenticator failing with CVE-2019-17563. 
backporting upstream tests (abhijith)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/ad55da9891799aef8fe2383aa543c1664c9ffd48...c9da3e6199b4047617fc8cc7edc8123b1154030c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/ad55da9891799aef8fe2383aa543c1664c9ffd48...c9da3e6199b4047617fc8cc7edc8123b1154030c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to