Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits: b2e763e3 by Antoine Beaupré at 2018-05-30T11:38:44-04:00 patch available for liblouis, triage in LTS - - - - - 81aa8758 by Antoine Beaupré at 2018-05-30T11:41:42-04:00 triage libpodofo out of lts - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -296,6 +296,7 @@ CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function [stretch] - liblouis <no-dsa> (Minor issue) [jessie] - liblouis <no-dsa> (Minor issue) NOTE: https://github.com/liblouis/liblouis/issues/575 + NOTE: https://github.com/liblouis/liblouis/commit/4417bad83df4481ed58419b28c5c91b9649e2a86 CVE-2018-11439 [remote information disclosure via a crafted audio file in taglib 1.11.1] RESERVED - taglib <unfixed> @@ -791,16 +792,19 @@ CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575851 CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575502 CVE-2018-11254 (An issue was discovered in PoDoFo 0.9.5. There is an Excessive ...) - libpodofo <unfixed> (low) [stretch] - libpodofo <no-dsa> (Minor issue) [jessie] - libpodofo <no-dsa> (Minor issue) + [wheezy] - libpodofo <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1576174 CVE-2018-11253 RESERVED ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -29,6 +29,8 @@ libav (Hugo Lefeuvre) NOTE: 20180529: Help is welcome, feel free to mail Hugo. Still up-to-date. Help needed for CVE triage and patch development. NOTE: 20180529: Just contacted some of the CVE reporters to ask for the reproducers, CC-ed team ML. -- +liblouis +-- linux -- ming (Hugo Lefeuvre) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c06d20ebb37e44ff8176e1956d4b949bcbbfab5e...81aa87586909eba76c2c2a289b2e6f6fc5776d43 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c06d20ebb37e44ff8176e1956d4b949bcbbfab5e...81aa87586909eba76c2c2a289b2e6f6fc5776d43 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits