[Git][security-tracker-team/security-tracker][master] 4 commits: correct typo

Sun, 28 Jun 2020 05:06:39 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2220faec by Thorsten Alteholz at 2020-06-28T13:38:17+02:00
correct typo

- - - - -
c8ed3f3b by Thorsten Alteholz at 2020-06-28T13:46:27+02:00
add net-snmp

- - - - -
3dd5a53e by Thorsten Alteholz at 2020-06-28T14:05:02+02:00
CVE-2017-10790 is fixed

- - - - -
d6bbbdfd by Thorsten Alteholz at 2020-06-28T14:05:57+02:00
Reserve DLA-2255-1 for libtasn1-6

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -24313,7 +24313,7 @@ CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all 
versions, contains a vulnera
        [stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not 
supported)
        - nvidia-graphics-drivers-legacy-304xx <unfixed>
        [stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not 
supported)
-       [jessie] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not 
supported)
+       [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not 
supported)
        NOTE: 
https://nvidia.custhelp.com/app/answers/detail/a_id/5031/kw/Security%20Bulletin
 CVE-2020-5966 (NVIDIA Windows GPU Display Driver, all versions, contains a 
vulnerabil ...)
        NOT-FOR-US: NVIDIA Windows GPU Display Driver
@@ -170149,7 +170149,6 @@ CVE-2017-10791 (There is an Integer overflow in the 
hash_int function of the lib
 CVE-2017-10790 (The _asn1_check_identifier function in GNU Libtasn1 through 
4.12 cause ...)
        {DSA-4106-1 DLA-1038-1}
        - libtasn1-6 4.12-2.1 (bug #867398)
-       [jessie] - libtasn1-6 <no-dsa> (Minor issue)
        - libtasn1-3 <removed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464141
        NOTE: Fixed by: 
https://gitlab.com/gnutls/libtasn1/commit/d8d805e1f2e6799bb2dff4871a8598dc83088a39


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Jun 2020] DLA-2255-1 libtasn1-6 - security update
+       {CVE-2017-10790}
+       [jessie] - libtasn1-6 4.2-3+deb8u4
 [25 Jun 2020] DLA-2254-1 alpine - security update
        {CVE-2020-14929}
        [jessie] - alpine 2.11+dfsg1-3+deb8u1


=====================================
data/dla-needed.txt
=====================================
@@ -90,6 +90,9 @@ mumble
 --
 mutt (Mike Gabriel)
 --
+net-snmp
+  NOTE: 20200628: be aware of the ABI break introduced by the patches! 
(thorsten)
+--
 nginx
   NOTE: 20200505: Patch for CVE-2020-11724 appears to be fairly invasive and, 
alas, no tests. (lamby)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3d0564a5cf902c3b07abdb9acd5eff65af1d803e...d6bbbdfd223f36356b7e5c16dcba38287dd69a0e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3d0564a5cf902c3b07abdb9acd5eff65af1d803e...d6bbbdfd223f36356b7e5c16dcba38287dd69a0e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to