Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c885282f by Salvatore Bonaccorso at 2020-09-25T21:07:47+02:00
Remove note on already fully rejected CVE
As the later mentioned CVE was fully rejected at MITRE level already we
should not further encourage to reference that somewhere, drop the note
in meanwhile (the rejected CVE was withdrawn furthermore by it's
assigning CNA back). The issue attached is ignored or no-dsa and fixed
in later versions, so we are fine for the further processings.
- - - - -
7ec3ec6f by Salvatore Bonaccorso at 2020-09-25T21:11:51+02:00
Track fixed version for CVE-2020-1722/freeipa
Note we use 4.8.8-2 here as the 4.8.8-1 upload apparently never hit the
archive, the first source ever entering unstable with the fix was thus
4.8.8-2.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59895,7 +59895,7 @@ CVE-2020-1724 (A flaw was found in Keycloak in versions
before 9.0.2. This flaw
CVE-2020-1723
RESERVED
CVE-2020-1722 (A flaw was found in all ipa versions 4.x.x through 4.8.0. When
sending ...)
- - freeipa <unfixed> (bug #966200)
+ - freeipa 4.8.8-2 (bug #966200)
[buster] - freeipa <no-dsa> (Minor issue)
NOTE: https://pagure.io/freeipa/issue/8268
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793071
@@ -120967,7 +120967,6 @@ CVE-2018-19211 (In ncurses 6.1, there is a NULL
pointer dereference at function
[jessie] - ncurses <no-dsa> (Minor issue)
[wheezy] - ncurses <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643754
- NOTE: according to this Redhat bug, this is a duplicate of
CVE-2018-10754, which has been rejected
CVE-2018-19210 (In LibTIFF 4.0.9, there is a NULL pointer dereference in the
TIFFWrite ...)
{DSA-4670-1 DLA-1680-1}
- tiff 4.0.10-4 (bug #913675)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ea7fcf1b63e0ed3ede31ff7c6938975d1a5b220d...7ec3ec6fe7fe733a342e2004e617f0f53d00590a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ea7fcf1b63e0ed3ede31ff7c6938975d1a5b220d...7ec3ec6fe7fe733a342e2004e617f0f53d00590a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
