Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: e6d54956 by Roberto C. Sánchez at 2022-05-25T10:22:29-04:00 LTS: update subversion notes in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -265,6 +265,9 @@ subversion (Roberto C. Sánchez) NOTE: 20220422: Upstream's patch for CVE-2021-28544 does not cleanly apply (eg. "copyfrom_path = apr_pstrdup(...)" assignment) NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby) NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico) + NOTE: 20220525: Based on the results of Enrico's analysis and some further work, I was able to have the test execute reliably (roberto) + NOTE: 20220525: The test passes, which seems to indicate that the vulnerability does not affect 1.9.5 (roberto) + NOTE: 20220525: I have asked Enrico to replicate my findings (roberto) -- systemd NOTE: 20220524: CVE-2020-1712 marked for update but didn't make it to 9.13 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6d54956dfb7f0f49c844d76f4996d63cce2f3b6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6d54956dfb7f0f49c844d76f4996d63cce2f3b6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits