[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff Sun, 27 Dec 2020 10:12:32 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c6731fe by Moritz Muehlenhoff at 2020-12-27T19:12:02+01:00
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -108087,6 +108087,7 @@ CVE-2019-10736
        RESERVED
 CVE-2019-10735 (In Claws Mail 3.14.1, an attacker in possession of S/MIME or 
PGP encry ...)
        - claws-mail <unfixed> (low; bug #926705)
+       [bullseye] - claws-mail <no-dsa> (Minor issue)
        [buster] - claws-mail <postponed> (Revisit when fixed upstream)
        [stretch] - claws-mail <postponed> (Revisit when fixed upstream)
        [jessie] - claws-mail <postponed> (Revisit when fixed upstream)
@@ -160156,6 +160157,7 @@ CVE-2018-11490 (The DGifDecompressLine function in 
dgif_lib.c in GIFLIB (possibl
        NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from 
giflib.
 CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB 
(possibly vers ...)
        - giflib <unfixed> (bug #904113)
+       [bullseye] - giflib <no-dsa> (Minor issue)
        [buster] - giflib <no-dsa> (Minor issue)
        [stretch] - giflib <no-dsa> (Minor issue)
        [jessie] - giflib <no-dsa> (Minor issue)
@@ -222939,6 +222941,7 @@ CVE-2017-7476 (Gnulib before 2017-04-26 has a 
heap-based buffer overflow with th
        NOTE: Introduced with 4bc76593 and 4e6e16b3f.
 CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer 
dereference relat ...)
        - cairo <unfixed> (low; bug #870264)
+       [bullseye] - cairo <ignored> (Minor issue)
        [buster] - cairo <ignored> (Minor issue)
        [stretch] - cairo <no-dsa> (Minor issue)
        [jessie] - cairo <no-dsa> (Minor issue)
@@ -257244,10 +257247,12 @@ CVE-2016-5417 (Memory leak in the __res_vinit 
function in the IPv6 name server m
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19257
 CVE-2016-5416 (389 Directory Server in Red Hat Enterprise Linux Desktop 6 
through 7,  ...)
        - 389-ds-base <unfixed> (bug #834233)
-       [buster] - 389-ds-base <no-dsa> (Minor issue)
+       [bullseye] - 389-ds-base <ignored> (Minor issue)
+       [buster] - 389-ds-base <ignored> (Minor issue)
        [stretch] - 389-ds-base <no-dsa> (Minor issue)
        [jessie] - 389-ds-base <no-dsa> (Minor issue)
        NOTE: https://fedorahosted.org/389/ticket/48852
+       NOTE: https://github.com/389ds/389-ds-base/issues/1912
        NOTE: Potentially related: https://fedorahosted.org/389/ticket/48354
 CVE-2016-5415
        RESERVED
@@ -258103,6 +258108,7 @@ CVE-2016-4456 (The "GNUTLS_KEYLOGFILE" environment 
variable in gnutls 3.4.12 all
        NOTE: https://www.openwall.com/lists/oss-security/2016/06/07/2
 CVE-2016-1000002 (gdm3 3.14.2 and possibly later has an information leak 
before screen l ...)
        - gdm3 <unfixed> (low; bug #849432)
+       [bullseye] - gdm3 <ignored> (Minor issue)
        [buster] - gdm3 <ignored> (Minor issue)
        [stretch] - gdm3 <ignored> (Minor issue)
        [jessie] - gdm3 <ignored> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c6731fe9e68ba3a11e6a1363a9d1c54c7c54895

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c6731fe9e68ba3a11e6a1363a9d1c54c7c54895
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bullseye triage

Reply via email to