Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7a9a0759 by Sylvain Beucler at 2020-07-13T16:51:52+02:00 dla: update status (nginx, python3.5, rails) - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -109,8 +109,9 @@ mupdf NOTE: 20200708: Vulnerable to at least CVE-2019-13290. (lamby) -- nginx (Sylvain Beucler) - NOTE: 20200505: Patch for CVE-2020-11724 appears to be fairly invasive and, alas, no tests. (lamby) - NOTE: 20200708: #948650 is a stretch point release update for CVE-2019-20372 (bunk) + NOTE: 20200713: update is ready, will publish after point release unless it's delayed too much (Beuc) + NOTE: 20200713: https://www.beuc.net/tmp/debian-lts/nginx/ + NOTE: 20200713: this deb9u5 includes/supersedes stretch-pu deb9u4 -- nss (Adrian Bunk) NOTE: 20200706: from dsa-needed.txt: Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508 (Beuc) @@ -127,7 +128,7 @@ puma NOTE: 20200708: Vulnerable to (at least) CVE-2020-11076. (lamby) -- python3.5 (Sylvain Beucler) - NOTE: 20200709: update is ready, only (lotsa) non-critical CVEs so uploading after point release (Beuc) + NOTE: 20200709: update is ready, only (lotsa) non-critical CVEs so uploading after point release unless it's delayed too much (Beuc) NOTE: 20200709: https://www.beuc.net/tmp/debian-lts/python3.5/ -- qemu @@ -138,6 +139,7 @@ rails (Sylvain Beucler) NOTE: 20200706: https://lists.debian.org/debian-lts/2020/07/msg00065.html NOTE: 20200709: https://www.beuc.net/tmp/debian-lts/rails/ NOTE: 20200709: this deb9u3 includes/supersedes stretch-pu deb9u2 + NOTE: 20200713: secteam was planning to work on buster side past week-end -- ruby-zip NOTE: 20200710: Vulnerable to at least CVE-2018-1000544. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a9a075995457fc58b67296cce5e70edff3feb7a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a9a075995457fc58b67296cce5e70edff3feb7a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
