Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: f73d7d10 by Thorsten Alteholz at 2020-06-28T14:12:17+02:00 mark CVE-2020-10753 as no-dsa for Jessie - - - - - 985d4770 by Thorsten Alteholz at 2020-06-28T14:15:09+02:00 CVE-2016-4429 is fixed in libtirpc - - - - - db5fde2b by Thorsten Alteholz at 2020-06-28T14:15:34+02:00 Reserve DLA-2256-1 for libtirpc - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -12770,6 +12770,7 @@ CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkMana NOTE: plugin). CVE-2020-10753 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...) - ceph <unfixed> + [jessie] - ceph <no-dsa> (Minor issue) NOTE: https://github.com/ceph/ceph/pull/35773 NOTE: Fix: https://github.com/ceph/ceph/commit/1524d3c0c5cb11775313ea1e2bb36a93257947f2 CVE-2020-10752 (A flaw was found in the OpenShift API Server, where it failed to suffi ...) @@ -218619,7 +218620,6 @@ CVE-2016-4429 (Stack-based buffer overflow in the clntudp_call function in sunrp [wheezy] - eglibc <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20112 - libtirpc 0.2.5-1.1 (bug #840347) - [jessie] - libtirpc <no-dsa> (Minor issue) [wheezy] - libtirpc <no-dsa> (Minor issue) CVE-2016-4428 (Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horiz ...) {DSA-3617-1 DLA-520-1} ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[28 Jun 2020] DLA-2256-1 libtirpc - security update + {CVE-2016-4429} + [jessie] - libtirpc 0.2.5-1+deb8u3 [28 Jun 2020] DLA-2255-1 libtasn1-6 - security update {CVE-2017-10790} [jessie] - libtasn1-6 4.2-3+deb8u4 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d6bbbdfd223f36356b7e5c16dcba38287dd69a0e...db5fde2befc3bcf261d48a9d052bd253c2dcb1d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d6bbbdfd223f36356b7e5c16dcba38287dd69a0e...db5fde2befc3bcf261d48a9d052bd253c2dcb1d6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits