[Git][security-tracker-team/security-tracker][master] 3 commits: follow security team and mark CVE-2021-37620 as ignored

Sun, 21 Nov 2021 14:41:48 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fd58dbe7 by Thorsten Alteholz at 2021-11-21T23:35:07+01:00
follow security team and mark CVE-2021-37620 as ignored

- - - - -
0c88fae0 by Thorsten Alteholz at 2021-11-21T23:37:26+01:00
mark CVE-2021-34334 as no-dsa for Stretch

- - - - -
df8498d3 by Thorsten Alteholz at 2021-11-21T23:41:24+01:00
nothing todo

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -18742,6 +18742,7 @@ CVE-2021-37620 (Exiv2 is a command-line utility and C++ 
library for reading, wri
        - exiv2 <unfixed>
        [bullseye] - exiv2 <ignored> (Minor issue)
        [buster] - exiv2 <ignored> (Minor issue)
+       [stretch] - exiv2 <ignored> (Minor issue)
        NOTE: 
https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
        NOTE: https://github.com/Exiv2/exiv2/pull/1769
 CVE-2021-37619 (Exiv2 is a command-line utility and C++ library for reading, 
writing,  ...)
@@ -26457,6 +26458,7 @@ CVE-2021-34335 (Exiv2 is a command-line utility and C++ 
library for reading, wri
        NOTE: https://github.com/Exiv2/exiv2/pull/1750
 CVE-2021-34334 (Exiv2 is a command-line utility and C++ library for reading, 
writing,  ...)
        - exiv2 <unfixed> (bug #992706)
+       [stretch] - exiv2 <no-dsa> (Minor issue)
        NOTE: 
https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p
        NOTE: https://github.com/Exiv2/exiv2/pull/1766
 CVE-2021-34333 (A vulnerability has been identified in JT2Go (All versions 
&lt; V13.2) ...)


=====================================
data/dla-needed.txt
=====================================
@@ -27,9 +27,6 @@ debian-archive-keyring
   NOTE: 20211018: Jonathan is prepping the branch; will work
   NOTE: 20211018: with him and upload and publish the DLA. (utkarsh)
 --
-exiv2 (Thorsten Alteholz)
-  NOTE: 20211109: testing package
---
 firefox-esr (Emilio)
   NOTE: 20211116: blocked on toolchain backports (pochu)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6a5905630de347de72873c2070b8c532e89d5b3d...df8498d3771f53dc94bf2998b2d04fe333d227d3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to