[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-28476 as no-dsa for Stretch

Fri, 12 Feb 2021 07:18:04 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bb8f8749 by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
mark CVE-2020-28476 as no-dsa for Stretch

- - - - -
adcc18b2 by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
add libebml

- - - - -
4c88dd9f by Thorsten Alteholz at 2021-02-12T16:17:10+01:00
add activemq

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -24029,6 +24029,7 @@ CVE-2020-28477 (This affects all versions of package 
immer. ...)
 CVE-2020-28476 (All versions of package tornado are vulnerable to Web Cache 
Poisoning  ...)
        - python-tornado <unfixed>
        [buster] - python-tornado <no-dsa> (Minor issue)
+       [stretch] - python-tornado <no-dsa> (Minor issue)
        NOTE: https://snyk.io/vuln/SNYK-PYTHON-TORNADO-1017109
 CVE-2020-28475
        RESERVED


=====================================
data/dla-needed.txt
=====================================
@@ -12,6 +12,8 @@ 
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 To make it easier to see the entire history of an update, please append notes
 rather than remove/replace existing ones.
 
+--
+activemq
 --
 ansible (Markus Koschany)
 --
@@ -42,6 +44,8 @@ dnsmasq (Utkarsh)
 firmware-nonfree
   NOTE: 20201207: wait for the update in buster and backport that (Emilio)
 --
+libebml (Thorsten Alteholz)
+--
 libzstd (Utkarsh)
 --
 linux (Ben Hutchings)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94865815ef583b2f19598acd222d9aecbf60ee57...4c88dd9f6d2072106b45986ef043e508b59badb2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/94865815ef583b2f19598acd222d9aecbf60ee57...4c88dd9f6d2072106b45986ef043e508b59badb2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to