Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a5ffd413 by Adrian Bunk at 2021-11-21T21:22:14+02:00
Postpone CVE-2021-42917 for stretch
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -4767,6 +4767,7 @@ CVE-2021-42917 (Buffer overflow vulnerability in Kodi
xbmc up to 19.0, allows at
- kodi 2:19.3+dfsg1-1 (bug #998419)
[bullseye] - kodi <no-dsa> (Minor issue)
[buster] - kodi <no-dsa> (Minor issue)
+ [stretch] - kodi <postponed> (no point in fixing this when the more
severe CVE-2017-5982 is ignored)
- xbmc <removed>
NOTE:
https://github.com/xbmc/xbmc/commit/80c8138c09598e88b4ddb6dbb279fa193bbb3237
NOTE: https://github.com/xbmc/xbmc/issues/20305
=====================================
data/dla-needed.txt
=====================================
@@ -48,8 +48,6 @@ gpac (Roberto C. Sánchez)
NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster
versions match (roberto)
NOTE: 20211120: received OK from secteam for buster update, working on
stretch/buster in parallel (roberto)
--
-kodi (Adrian Bunk)
---
libgit2 (Utkarsh)
NOTE: 20211029: CVE-2018-10887/CVE-2018-10888/CVE-2018-15501 were fixed
NOTE: 20211029: for jessie in DLA-1477-1 and should also be fixed in stretch
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5ffd41309bff2d509ef6bb600a2032a360f8fa5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5ffd41309bff2d509ef6bb600a2032a360f8fa5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
