[Git][security-tracker-team/security-tracker][master] buster triage

Mon, 19 Oct 2020 14:25:59 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
82afcf5a by Moritz Muehlenhoff at 2020-10-19T23:24:35+02:00
buster triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2436,6 +2436,7 @@ CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows 
attackers to bypass intended
        NOTE: https://github.com/dgrijalva/jwt-go/pull/426
 CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular 
expressi ...)
        - libonig <unfixed> (bug #972113)
+       [buster] - libonig <no-dsa> (Minor issue)
        NOTE: 
https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0
        NOTE: https://github.com/kkos/oniguruma/issues/207
 CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of 
Service (R ...)
@@ -130186,6 +130187,7 @@ CVE-2018-16849 (A flaw was found in 
openstack-mistral. By manipulating the SSH p
        NOTE: https://bugs.launchpad.net/mistral/+bug/1783708
 CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack 
Mistral i ...)
        - mistral 10.0.0~rc1-2
+       [buster] - mistral <no-dsa> (Minor issue)
        [stretch] - mistral <end-of-life> (OpenStack component; not supported 
in stretch LTS)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332
        NOTE: https://bugs.launchpad.net/mistral/%2Bbug/1785657


=====================================
data/dsa-needed.txt
=====================================
@@ -23,8 +23,12 @@ linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v4.19.y versions.
 --
+mariadb-10.3 (jmm)
+--
 netty
 --
+pdns-recursor
+--
 xcftools
   Hugo proposed to work on this update
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82afcf5a51f8fb42b17b08fcd67c5aea70048ce0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82afcf5a51f8fb42b17b08fcd67c5aea70048ce0
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to