Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: c065284d by Thorsten Alteholz at 2020-05-18T15:25:20+02:00 mark CVE-2020-1945 as no-dsa for Jessie - - - - - 93b1fe31 by Thorsten Alteholz at 2020-05-18T15:27:56+02:00 add clamav - - - - - ec9fcde4 by Thorsten Alteholz at 2020-05-18T15:30:04+02:00 add libspring-security-2.0-java - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -29145,6 +29145,7 @@ CVE-2020-1945 (Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default te - ant 1.10.8-1 (low; bug #960630) [buster] - ant <no-dsa> (Minor issue) [stretch] - ant <no-dsa> (Minor issue) + [jessie] - ant <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/05/13/1 NOTE: https://github.com/apache/ant/commit/9c1f4d905da59bf446570ac28df5b68a37281f35 (1.9.15) NOTE: https://github.com/apache/ant/commit/926f339ea30362bec8e53bf5924ce803938163b7 (1.9.15) ===================================== data/dla-needed.txt ===================================== @@ -35,6 +35,8 @@ bluez (Roberto C. Sánchez) NOTE: 20200513: See: https://lists.debian.org/debian-lts/2020/05/msg00038.html (untested patch) NOTE: 20200513: Another alternative would be to backport the fixed version in Stretch. -- +clamav +-- condor NOTE: 20200502: Upstream has only released workarounds; complete fix is still embargoed (roberto) -- @@ -67,6 +69,8 @@ libmatio (Adrian Bunk) NOTE: 20190428: older changes seem to also be required for them NOTE: 20200518: work is ongoing (bunk) -- +libspring-security-2.0-java +-- linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/36800bc661d84d3e8756e209b80beffe460fc85c...ec9fcde4c9eb66a9db55fa608f7b619bc3c03131 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/36800bc661d84d3e8756e209b80beffe460fc85c...ec9fcde4c9eb66a9db55fa608f7b619bc3c03131 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits