[Git][security-tracker-team/security-tracker][master] 2 commits: 'point release' for nfdump (CVE-2019-1010057 and CVE-2019-14459) just happened

Sat, 26 Sep 2020 08:55:35 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4dc4b620 by Thorsten Alteholz at 2020-09-26T17:53:32+02:00
'point release' for nfdump (CVE-2019-1010057 and CVE-2019-14459) just 
happened

- - - - -
cbb7b7f8 by Thorsten Alteholz at 2020-09-26T17:54:28+02:00
Reserve DLA-2383-1 for nfdump

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77601,7 +77601,6 @@ CVE-2019-14460
 CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by an integer overflow 
in the fu ...)
        - nfdump 1.6.18-1 (bug #933740)
        [buster] - nfdump <no-dsa> (Minor issue)
-       [stretch] - nfdump <no-dsa> (Minor issue)
        NOTE: https://github.com/phaag/nfdump/issues/171
        NOTE: 
https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
 CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a 
denial of ...)
@@ -92676,7 +92675,6 @@ CVE-2019-1010058
        RESERVED
 CVE-2019-1010057 (nfdump 1.6.16 and earlier is affected by: Buffer Overflow. 
The impact  ...)
        - nfdump 1.6.17-1
-       [stretch] - nfdump <no-dsa> (Minor issue; can be fixed via point 
release)
        NOTE: https://github.com/phaag/nfdump/issues/104
        NOTE: 
https://github.com/phaag/nfdump/commit/9f0fe9563366f62a71d34c92229da3432ec5cf0e
 CVE-2019-1010056


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Sep 2020] DLA-2383-1 nfdump - security update
+       {CVE-2019-14459 CVE-2019-1010057}
+       [stretch] - nfdump 1.6.15-3+deb9u1
 [26 Sep 2020] DLA-2382-1 curl - security update
        {CVE-2020-8231}
        [stretch] - curl 7.52.1-5+deb9u12



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/70751201774ea22f3ac38d872ce82cd8db42e65c...cbb7b7f832e1740fd1b0f15af755f37ac4c0ce4a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to