[Git][security-tracker-team/security-tracker][master] Reserve DLA-2458-1 for drupal7

Thu, 19 Nov 2020 03:31:55 -0800 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
72d53148 by Emilio Pozuelo Monfort at 2020-11-19T12:31:39+01:00
Reserve DLA-2458-1 for drupal7

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[19 Nov 2020] DLA-2458-1 drupal7 - security update
+       {CVE-2020-13666 CVE-2020-13671}
+       [stretch] - drupal7 7.52-2+deb9u12
 [19 Nov 2020] DLA-2457-1 firefox-esr - security update
        {CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 
CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 
CVE-2020-26968}
        [stretch] - firefox-esr 78.5.0esr-1~deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -46,10 +46,6 @@ condor
   NOTE: 20200712: Requested input on path forward from debian-lts@l.d.o 
(roberto)
   NOTE: 20200727: Waiting on maintainer feedback: 
https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
 --
-drupal7
-  NOTE: 20201119: Upstream advisory for CVE-2020-13666 mentions potential for 
jQuery regression; may need to include a related note in the DLA. (roberto)
-  NOTE: 20201119: The maintainer has already uploaded the package: 
https://lists.debian.org/debian-lts-changes/2020/11/msg00032.html
---
 f2fs-tools
   NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 
and 1.13.0, but it is not trivial to
   NOTE: 20200815: to detect which of the patches correlates to the CVE. 
Contacting upstream might be necessary. (sunweaver)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72d53148d3c20f98588b8ee42eca65f07a23bfc2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72d53148d3c20f98588b8ee42eca65f07a23bfc2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to