Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
809f0abd by Chris Lamb at 2018-03-06T11:29:15+00:00
Triage CVE-2018-0490 & CVE-2018-0491 (tor) for wheezy; end-of-life in this 
distribution.

- - - - -
13808bb6 by Chris Lamb at 2018-03-06T11:29:59+00:00
Triage graphicsmagick for LTS

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19977,11 +19977,13 @@ CVE-2018-0492
        RESERVED
 CVE-2018-0491 (A use-after-free issue was discovered in Tor 0.3.2.x before 
0.3.2.10. ...)
        - tor 0.3.2.10-1
+       [wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
        NOTE: https://trac.torproject.org/projects/tor/ticket/25117
        NOTE: https://trac.torproject.org/projects/tor/ticket/24700
        NOTE: 
https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
 CVE-2018-0490 (An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 
...)
        - tor 0.3.2.10-1
+       [wheezy] - tor <end-of-life> (Not supported in wheezy LTS)
        NOTE: https://trac.torproject.org/projects/tor/ticket/25074
        NOTE: 
https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915
 CVE-2018-0489 (Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth 
Service ...)


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -30,6 +30,8 @@ gcc-4.7 (Roberto C. Sánchez)
   NOTE: Backport the retpoline support for spectre mitigation.
   NOTE: Do we want/need it on this gcc version as well?
 --
+graphicsmagick
+--
 icu (Thorsten Alteholz)
   NOTE: 20171229: CVE-2017-15422 was reported via Google Code issue report in 
Chromium project; report is not visible to the public
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/0b934907436077d28ae5fb1e0c7b056d8622e4d6...13808bb6e3a98ed8c4f0c25a5ae650132603bedc

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/0b934907436077d28ae5fb1e0c7b056d8622e4d6...13808bb6e3a98ed8c4f0c25a5ae650132603bedc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to