[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: add uwsgi to dsa-needed

Tue, 13 Mar 2018 15:37:36 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4f1328be by Moritz Muehlenhoff at 2018-03-13T23:35:07+01:00
add uwsgi to dsa-needed

- - - - -
a35851b0 by Moritz Muehlenhoff at 2018-03-13T23:36:00+01:00
bugnums

- - - - -
cba379fb by Moritz Muehlenhoff at 2018-03-13T23:36:39+01:00
Merge branch 'master' of 
salsa.debian.org:security-tracker-team/security-tracker

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -235,7 +235,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL 
pointer dereference .
        NOTE: https://github.com/silnrsi/graphite/issues/22
 CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference 
...)
        {DLA-1306-1}
-       - vips 8.4.5-2 (bug #892589)
+       - vips 8.4.5-2 (low; bug #892589)
        [stretch] - vips <no-dsa> (Minor issue)
        [jessie] - vips <no-dsa> (Minor issue)
        NOTE: 
https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
@@ -39089,7 +39089,7 @@ CVE-2017-11431
        RESERVED
 CVE-2017-11430
        RESERVED
-       - ruby-omniauth-saml <unfixed>
+       - ruby-omniauth-saml <unfixed> (bug #892864)
        NOTE: fixed in 1.10.0
        NOTE: https://github.com/omniauth/omniauth-saml/issues/156
        NOTE: https://github.com/omniauth/omniauth-saml/pull/157
@@ -39103,7 +39103,7 @@ CVE-2017-11429
        NOTE: https://www.kb.cert.org/vuls/id/475445
 CVE-2017-11428
        RESERVED
-       - ruby-saml <unfixed>
+       - ruby-saml <unfixed> (bug #892865)
        NOTE: fixed in 1.7.0
        NOTE: 
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
        NOTE: https://www.kb.cert.org/vuls/id/475445


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -102,6 +102,8 @@ undertow
 --
 vlc (jmm)
 --
+uwsgi
+--
 xen/oldstable
 --
 zendframework/oldstable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f796447effdf60ee256e4c9ef78799f03b230399...cba379fb24b191aabee7f811709f9e5fc205e377

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f796447effdf60ee256e4c9ef78799f03b230399...cba379fb24b191aabee7f811709f9e5fc205e377
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to