[Git][security-tracker-team/security-tracker][master] 2 commits: dla: add note author

Fri, 09 Apr 2021 10:15:06 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
de721ac3 by Sylvain Beucler at 2021-04-09T19:08:22+02:00
dla: add note author

- - - - -
9564020e by Sylvain Beucler at 2021-04-09T19:10:46+02:00
CVE-2018-1199: further spring-security info

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -212674,8 +212674,10 @@ CVE-2018-1199 (Spring Security (Spring Security 
4.1.x before 4.1.5, 4.2.x before
        [stretch] - libspring-java <no-dsa> (Minor issue)
        [wheezy] - libspring-java <ignored> (Too intrusive to fix by upgrade)
        [jessie] - libspring-java <no-dsa> (fix for spring-security available 
but not for springframework)
+       - libspring-security-2.0-java <removed>
        - libspring-security-java <itp> (bug #582181)
        NOTE: https://pivotal.io/security/cve-2018-1199
+       NOTE: 
https://github.com/spring-projects/spring-security/commit/65da28e4bf62f58fb130ba727cbbd621b44a36d1
 (spring-security 4.1.5)
 CVE-2018-1198 (Pivotal Cloud Cache, versions prior to 1.3.1, prints a 
superuser passw ...)
        NOT-FOR-US: Pivotal Cloud Cache
 CVE-2018-1197 (In Windows Stemcells versions prior to 1200.14, apps running 
inside co ...)


=====================================
data/dla-needed.txt
=====================================
@@ -15,7 +15,7 @@ rather than remove/replace existing ones.
 --
 ansible
   NOTE: 20210322: As discussed with the maintainer I will update Buster first 
and
-  NOTE: 20210322: after that LTS. Will ask for a maintainer review later this 
week.
+  NOTE: 20210322: after that LTS. Will ask for a maintainer review later this 
week. (apo)
 --
 ceph
   NOTE: 20200707: Vulnerable to at least CVE-2018-14662. (lamby)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9057ad2505dc7a6693e8fff4cd6b09a84c2c3d24...9564020ede205cb189c0b298547b08ce1c454b0e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9057ad2505dc7a6693e8fff4cd6b09a84c2c3d24...9564020ede205cb189c0b298547b08ce1c454b0e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to