[Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2020-11722 as no-dsa for Jessie

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cb990056 by Thorsten Alteholz at 2020-04-21T22:22:33+02:00
mark CVE-2020-11722 as no-dsa for Jessie

- - - - -
a2cffb11 by Thorsten Alteholz at 2020-04-21T22:22:34+02:00
mark CVE-2020-11879 as no-dsa for Jessie

- - - - -
ad8ba8d6 by Thorsten Alteholz at 2020-04-21T22:22:35+02:00
mark CVE-2020-11880 as no-dsa for Jessie

- - - - -
95df3aa1 by Thorsten Alteholz at 2020-04-21T22:22:36+02:00
mark three CVEs for mysql-connector-java as ignored for Jessie

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -937,11 +937,13 @@ CVE-2020-11880 (An issue was discovered in KDE KMail 
before 19.12.3. By using th
        [buster] - kmail <no-dsa> (Minor issue)
        - kdepim <removed>
        [stretch] - kdepim <no-dsa> (Minor issue)
+       [jessie] - kdepim <no-dsa> (Minor issue)
        NOTE: 
https://cgit.kde.org/kmail.git/commit/?id=2a348eccd352260f192d9b449492071bbf2b34b1
 CVE-2020-11879 (An issue was discovered in GNOME Evolution before 3.35.91. By 
using th ...)
        - evolution 3.36.0-1
        [buster] - evolution <no-dsa> (Minor issue)
        [stretch] - evolution <no-dsa> (Minor issue)
+       [jessie] - evolution <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/784
        NOTE: 
https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
 CVE-2020-11878 (The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before 
stable-4 ...)
@@ -1599,6 +1601,7 @@ CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or 
crawl) before 0.25 allows
        - crawl <unfixed> (bug #958232)
        [buster] - crawl <no-dsa> (Minor issue)
        [stretch] - crawl <no-dsa> (Minor issue)
+       [jessie] - crawl <no-dsa> (Minor issue)
        NOTE: 
https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
        NOTE: 
https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
        NOTE: 
https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
@@ -23428,10 +23431,12 @@ CVE-2020-2935 (Vulnerability in the Oracle Financial 
Services Hedge Management a
 CVE-2020-2934 (Vulnerability in the MySQL Connectors product of Oracle MySQL 
(compone ...)
        - mysql-connector-java <removed>
        [stretch] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Stretch)
+       [jessie] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Jessie)
        NOTE: 
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
 CVE-2020-2933 (Vulnerability in the MySQL Connectors product of Oracle MySQL 
(compone ...)
        - mysql-connector-java <removed>
        [stretch] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Stretch)
+       [jessie] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Jessie)
        NOTE: 
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
 CVE-2020-2932 (Vulnerability in the Oracle Knowledge product of Oracle 
Knowledge (com ...)
        NOT-FOR-US: Oracle
@@ -23578,6 +23583,7 @@ CVE-2020-2876 (Vulnerability in the Oracle Marketing 
product of Oracle E-Busines
 CVE-2020-2875 (Vulnerability in the MySQL Connectors product of Oracle MySQL 
(compone ...)
        - mysql-connector-java <removed>
        [stretch] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Stretch)
+       [jessie] - mysql-connector-java <ignored> (Oracle doesn't disclose 
details, but CVSS score is marginal, so seems fine to ignore for Jessie)
        NOTE: 
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
 CVE-2020-2874 (Vulnerability in the Oracle Email Center product of Oracle 
E-Business  ...)
        NOT-FOR-US: Oracle



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55d5767bdd52fc69849e41e69514e26c2a0bb94c...95df3aa1a5d972924020b9ec66ccb2a063b466fb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55d5767bdd52fc69849e41e69514e26c2a0bb94c...95df3aa1a5d972924020b9ec66ccb2a063b466fb
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits