Great!
Sent from a phone
Den mån 13 maj 2019 22:52Emilio Pozuelo Monfort skrev:
> On 13/05/2019 12:09, Emilio Pozuelo Monfort wrote:
> > It was not clear to me at the time of upload if it was addressed in
> 7u221. It
> > was not mentioned in the upstream announcement. I asked upstream for
> > c
On 13/05/2019 12:09, Emilio Pozuelo Monfort wrote:
> It was not clear to me at the time of upload if it was addressed in 7u221. It
> was not mentioned in the upstream announcement. I asked upstream for
> clarification on its status, it may be that that CVE is Oracle specific and
> doesn't affect Op
On 13/05/2019 10:55, Sylvain wrote:
> Thanks Ola.
>
> Emilio, can you confirm your latest upload also addresses CVE-2019-2697?
>
> It's MITRE page points to:
> https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
> "Mateusz Jurczyk of Google Project Zero: CVE-2019-2697, CV
Thanks Ola.
Emilio, can you confirm your latest upload also addresses CVE-2019-2697?
It's MITRE page points to:
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
"Mateusz Jurczyk of Google Project Zero: CVE-2019-2697, CVE-2019-2698"
which also references CVE-2019-2698,
Hi Sylvain
It was meant to consider CVE-2019-2697.
I do not know anything about re-consider this CVE as nothing has been noted
to that CVE that it has been ignored or should be treated in some other way.
// Ola
On Mon, 13 May 2019 at 10:57, Sylvain Beucler wrote:
> Hi,
>
> openjdk-7 is back in
Hi,
openjdk-7 is back in dla-needed.txt with the commit message "Sounds
serious enough".
However it was re-added the day after DLA-1782-1 and there's no new CVE
since.
Was it an oversight, or was it meant to reconsider
https://security-tracker.debian.org/tracker/CVE-2019-2697 which wasn't
address