[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14983/chocolate-doom: precise stretch triage

Thu, 21 Apr 2022 00:16:21 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4c274565 by Sylvain Beucler at 2022-04-21T09:08:59+02:00
CVE-2020-14983/chocolate-doom: precise stretch triage

- - - - -
617fa593 by Sylvain Beucler at 2022-04-21T09:10:04+02:00
CVE-2018-1311/xerces-c: precise stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -134392,7 +134392,7 @@ CVE-2020-14983 (The server in Chocolate Doom 3.0.0 
and Crispy Doom 5.8.0 doesn't
        [buster] - crispy-doom <no-dsa> (Minor issue)
        - chocolate-doom 3.0.1-1
        [buster] - chocolate-doom 3.0.0-4+deb10u1
-       [stretch] - chocolate-doom <no-dsa> (Minor issue)
+       [stretch] - chocolate-doom <end-of-life> (games are not supported)
        [jessie] - chocolate-doom <end-of-life> (games are not supported)
        NOTE: https://github.com/chocolate-doom/chocolate-doom/issues/1293
        NOTE: 
https://github.com/chocolate-doom/chocolate-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
@@ -282800,7 +282800,7 @@ CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when 
generating an HTTP Digest a
 CVE-2018-1311 (The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a 
use-after-fre ...)
        {DSA-4814-1}
        - xerces-c 3.2.3+debian-2 (bug #947431)
-       [stretch] - xerces-c <postponed> (Minor issue, revisit when fixed 
upstream, mitigated in DLA 2498-1)
+       [stretch] - xerces-c <postponed> (Minor issue, revisit when fixed 
upstream, fixed with memory leak in DLA 2498-1)
        [jessie] - xerces-c <postponed> (slow upstream interest, proper fix 
likely to break ABI compatibility)
        NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2018-1311.txt
        NOTE: https://issues.apache.org/jira/browse/XERCESC-2188



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d869d989da3d4fa8ae376b5a69fcf5c8367da2...617fa593fda27b5819f1b9e7139416eca31453d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d869d989da3d4fa8ae376b5a69fcf5c8367da2...617fa593fda27b5819f1b9e7139416eca31453d9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to