Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6735c716 by Adrian Bunk at 2021-12-27T18:13:02+02:00
mesa: CVE-2019-5068 code is not built in stretch
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -192711,7 +192711,7 @@ CVE-2019-5068 (An exploitable shared memory
permissions vulnerability exists in
{DLA-1993-1}
- mesa 19.2.6-1 (low; bug #944298)
[buster] - mesa 18.3.6-2+deb10u1
- [stretch] - mesa <no-dsa> (Minor issue)
+ [stretch] - mesa <ignored> (Affected code is not built in stretch)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
NOTE:
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
NOTE:
https://cgit.freedesktop.org/mesa/mesa/commit/?id=02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
=====================================
data/dla-needed.txt
=====================================
@@ -70,8 +70,6 @@ linux-4.19 (Ben Hutchings)
--
lxml (Utkarsh)
--
-mesa (Adrian Bunk)
---
nvidia-graphics-drivers (Markus Koschany)
NOTE: package is in non-free but also in packages-to-support
NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in
Stretch, no fix available for CVE-2021-1077
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6735c716f66b465c1541e80bea25160328f0e5c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6735c716f66b465c1541e80bea25160328f0e5c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
