[Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2020-11867 in audacity for stretcn LTS (Minor issue).

Wed, 09 Dec 2020 02:12:42 -0800 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f95f28f by Chris Lamb at 2020-12-09T10:07:14+00:00
Triage CVE-2020-11867 in audacity for stretcn LTS (Minor issue).

- - - - -
69827f7c by Chris Lamb at 2020-12-09T10:08:13+00:00
data/dla-needed.txt: Triage openssl for stretch LTS (CVE-2020-1971).

- - - - -
81f6a048 by Chris Lamb at 2020-12-09T10:10:47+00:00
data/dla-needed.txt: Triage curl for stretch LTS (CVE-2020-8284, CVE-2020-8285 
& CVE-2020-8286).

- - - - -
e9a5f97c by Chris Lamb at 2020-12-09T10:12:00+00:00
data/dla-needed.txt: Triage openssl1.0 for stretch LTS (CVE-2020-1971).

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -44795,6 +44795,7 @@ CVE-2020-11868 (ntpd in ntp before 4.2.8p14 and 4.3.x 
before 4.3.100 allows an o
 CVE-2020-11867 (Audacity through 2.3.3 saves temporary files to 
/var/tmp/audacity-$USE ...)
        - audacity <unfixed> (bug #976874)
        [buster] - audacity <no-dsa> (Minor issue)
+       [stretch] - audacity <no-dsa> (Minor issue)
 CVE-2020-11866 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a 
use-aft ...)
        - libemf 1.0.12-1
        [buster] - libemf <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -46,6 +46,8 @@ condor
   NOTE: 20200712: Requested input on path forward from [email protected] 
(roberto)
   NOTE: 20200727: Waiting on maintainer feedback: 
https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
 --
+curl
+--
 f2fs-tools
   NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 
and 1.13.0, but it is not trivial to
   NOTE: 20200815: to detect which of the patches correlates to the CVE. 
Contacting upstream might be necessary. (sunweaver)
@@ -101,6 +103,10 @@ opendmarc
 --
 openjpeg2 (Thorsten Alteholz)
 --
+openssl
+--
+openssl1.0
+--
 pacemaker (Markus Koschany)
   NOTE: 20201117: See #974563 for further information.
   NOTE: 20201130: I will ask the other bug reporters for feedback and testing



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12b9bbb0487028393a57cc631b4a246d3f12f9c7...e9a5f97c03c1dc22f74f696ad2d2264338fcf495

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12b9bbb0487028393a57cc631b4a246d3f12f9c7...e9a5f97c03c1dc22f74f696ad2d2264338fcf495
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to