[Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3886 as not affecting (old)stable
Guido Günther pushed to branch master at Debian Security Tracker / security-tracker Commits: c96b4bd0 by Guido Günther at 2019-04-08T09:35:25Z Mark CVE-2019-3886 as not affecting (old)stable - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -17177,10 +17177,12 @@ CVE-2019-3887 [KVM: x86: nVMX: close leak of L0's x2APIC MSR] NOTE: Fixed by: https://git.kernel.org/linus/c73f4c998e1fd4249b9edfa39e23f4fda2b9b041 CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 and abo ...) - libvirt 5.0.0-2 (low; bug #926418) - [stretch] - libvirt (Minor issue) + [stretch] - libvirt (Vulnerable code not present) + [jessie] - libvirt (Vulnerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694880 NOTE: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 + NOTE: Introduced in https://libvirt.org/git/?p=libvirt.git;a=commit;h=25736a4c7ed50c101b4f87935f350f1a39a89f6e CVE-2019-3885 RESERVED CVE-2019-3884 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c96b4bd0082181c9a844fcb66d7c4bcdcd655503 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c96b4bd0082181c9a844fcb66d7c4bcdcd655503 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove myself from frontdesk for this year
Guido Günther pushed to branch master at Debian Security Tracker / security-tracker Commits: 878e061c by Guido Günther at 2018-09-17T07:17:34Z Remove myself from frontdesk for this year - - - - - 1 changed file: - org/lts-frontdesk.2018.txt Changes: = org/lts-frontdesk.2018.txt = @@ -37,7 +37,7 @@ From 04-06 to 10-06:Chris Lamb From 11-06 to 17-06:Thorsten Alteholz From 18-06 to 24-06:Markus Koschany From 25-06 to 01-07:Thorsten Alteholz -From 02-07 to 08-07:Guido Günther +From 02-07 to 08-07: From 09-07 to 15-07:Markus Koschany From 16-07 to 22-07:Mike Gabriel From 23-07 to 29-07:Chris Lamb @@ -49,18 +49,18 @@ From 27-08 to 02-09:Markus Koschany From 03-09 to 09-09:Chris Lamb From 10-09 to 16-09:Thorsten Alteholz From 17-09 to 23-09:Markus Koschany -From 24-09 to 30-09:Guido Günther +From 24-09 to 30-09: From 01-10 to 07-10:Chris Lamb From 08-10 to 14-10:Markus Koschany From 15-10 to 21-10:Chris Lamb From 22-10 to 28-10:Thorsten Alteholz From 29-10 to 04-11:Ola Lundqvist From 05-11 to 11-11:Chris Lamb -From 12-11 to 18-11:Guido Günther +From 12-11 to 18-11: From 19-11 to 25-11:Markus Koschany From 26-11 to 02-12:Thorsten Alteholz From 03-12 to 09-12:Chris Lamb -From 10-12 to 16-12:Guido Günther +From 10-12 to 16-12: From 17-12 to 23-12:Markus Koschany From 24-12 to 30-12: From 31-12 to 06-01: View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/878e061cc214ff73ef115562adda7e0eb0a135e0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/878e061cc214ff73ef115562adda7e0eb0a135e0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] CVE-2017-14160: link to upstream fix
Guido Günther pushed to branch master at Debian Security Tracker / security-tracker Commits: 643094d2 by Guido Günther at 2018-05-09T09:01:42+02:00 CVE-2017-14160: link to upstream fix - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -38542,6 +38542,7 @@ CVE-2017-14160 (The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/2 NOTE: http://www.openwall.com/lists/oss-security/2017/09/21/3 NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2330 +NOTE: Upstream fix: https://gitlab.xiph.org/xiph/vorbis/uploads/b1e77c7aab2afccf645e32678d8ba52d/patch1 CVE-2017-14176 (Bazaar through 2.7.0, when Subprocess SSH is used, allows remote ...) {DSA-4052-1 DLA-1107-1} - bzr 2.7.0+bzr6622-7 (bug #874429) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/643094d21bdae5d4e1f9db68c23f74427cf19ed7 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/643094d21bdae5d4e1f9db68c23f74427cf19ed7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits