Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d71330d3 by Thorsten Alteholz at 2021-12-28T00:47:49+01:00
fix for CVE-2020-18442 postponed until now
- - - - -
8c446b4c by Thorsten Alteholz at 2021-12-28T00:48:42+01:00
Reserve DLA-2859-1 for zziplib
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101632,7 +101632,6 @@ CVE-2020-18442 (Infinite Loop in zziplib v0.13.69
allows remote attackers to cau
- zziplib 0.13.72+dfsg.1-1
[bullseye] - zziplib <no-dsa> (Minor issue)
[buster] - zziplib <no-dsa> (Minor issue)
- [stretch] - zziplib <postponed> (Minor issue, fix along with next DLA)
NOTE: https://github.com/gdraheim/zziplib/issues/68
NOTE:
https://github.com/gdraheim/zziplib/commit/ac9ae39ef419e9f0f83da1e583314d8c7cda34a6
NOTE:
https://github.com/gdraheim/zziplib/commit/7e786544084548da7fcfcd9090d3c4e7f5777f7e
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Dec 2021] DLA-2859-1 zziplib - security update
+ {CVE-2020-18442}
+ [stretch] - zziplib 0.13.62-3.2~deb9u2
[28 Dec 2021] DLA-2858-1 libzip - security update
{CVE-2017-14107}
[stretch] - libzip 1.1.2-1.1+deb9u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6ec7c5b3be2042fd824d3148cd407bec0def63d...8c446b4cce56b39d20f524265614454e9427708b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6ec7c5b3be2042fd824d3148cd407bec0def63d...8c446b4cce56b39d20f524265614454e9427708b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
