Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4dc4b620 by Thorsten Alteholz at 2020-09-26T17:53:32+02:00 'point release' for nfdump (CVE-2019-1010057 and CVE-2019-14459) just happened - - - - - cbb7b7f8 by Thorsten Alteholz at 2020-09-26T17:54:28+02:00 Reserve DLA-2383-1 for nfdump - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -77601,7 +77601,6 @@ CVE-2019-14460 CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by an integer overflow in the fu ...) - nfdump 1.6.18-1 (bug #933740) [buster] - nfdump <no-dsa> (Minor issue) - [stretch] - nfdump <no-dsa> (Minor issue) NOTE: https://github.com/phaag/nfdump/issues/171 NOTE: https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of ...) @@ -92676,7 +92675,6 @@ CVE-2019-1010058 RESERVED CVE-2019-1010057 (nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact ...) - nfdump 1.6.17-1 - [stretch] - nfdump <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://github.com/phaag/nfdump/issues/104 NOTE: https://github.com/phaag/nfdump/commit/9f0fe9563366f62a71d34c92229da3432ec5cf0e CVE-2019-1010056 ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[26 Sep 2020] DLA-2383-1 nfdump - security update + {CVE-2019-14459 CVE-2019-1010057} + [stretch] - nfdump 1.6.15-3+deb9u1 [26 Sep 2020] DLA-2382-1 curl - security update {CVE-2020-8231} [stretch] - curl 7.52.1-5+deb9u12 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits