Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5862c3a2 by Thorsten Alteholz at 2020-04-25T23:10:20+02:00
fix missing only for Jessie, so this will be done now ...
- - - - -
821b4b3b by Thorsten Alteholz at 2020-04-25T23:10:54+02:00
Reserve DLA-2187-1 for radicale
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -168719,7 +168719,6 @@ CVE-2016-10349 (The archive_le32dec function in
archive_endian.h in libarchive 3
CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to
timing oracl ...)
{DLA-934-1}
- radicale 1.1.1+20160115-4 (bug #861514)
- [jessie] - radicale <no-dsa> (Minor issue)
NOTE:
https://github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b
(1.1.x)
NOTE:
https://github.com/Kozea/Radicale/commit/059ba8dec1f22ccbeab837e288b3833a099cee2d
(master)
CVE-2017-8327 (The bmpr_read_uncompressed function in imagew-bmp.c in
libimageworsene ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Apr 2020] DLA-2187-1 radicale - security update
+ {CVE-2017-8342}
+ [jessie] - radicale 0.9-1+deb8u2
[25 Apr 2020] DLA-2186-1 ncmpc - security update
{CVE-2018-9240}
[jessie] - ncmpc 0.24-1+deb8u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0dcb414ddc57aaf95fedabc0349018a4bfe277b4...821b4b3b1483b1c9e25d0e8eba1a42f177313a3e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0dcb414ddc57aaf95fedabc0349018a4bfe277b4...821b4b3b1483b1c9e25d0e8eba1a42f177313a3e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
