[Git][security-tracker-team/security-tracker][master] stretch triage

Tue, 19 Feb 2019 13:17:19 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a9d86c13 by Moritz Muehlenhoff at 2019-02-19T21:16:37Z
stretch triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3231,8 +3231,9 @@ CVE-2019-7444
 CVE-2019-7443 [Insecure handling of arguments in helpers]
        RESERVED
        - kauth 5.54.0-2 (bug #921995)
-       [stretch] - kauth <no-dsa> (Minor issue)
+       [stretch] - kauth <no-dsa> (Minor issue, will be fixed in a point 
release)
        - kde4libs <unfixed>
+       [stretch] - kde4libs <no-dsa> (Minor issue)
        NOTE: 
https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
        NOTE: 
https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a
 CVE-2019-7442
@@ -29300,6 +29301,7 @@ CVE-2018-16868 (A Bleichenbacher type side-channel 
based padding oracle attack w
        NOTE: nettle version.
 CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before 
version ...)
        - qemu 1:3.1+dfsg-1 (bug #915884)
+       [stretch] - qemu <not-affected> (Vulnerable code not present)
        - qemu-kvm <removed>
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00390.html
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6
 (master)


=====================================
data/dsa-needed.txt
=====================================
@@ -28,6 +28,9 @@ graphicsmagick
 libidn
   santiago proposed debdiffs for jessie and stretch
 --
+libpng1.6
+  wait for final patch
+--
 libspring-java
 --
 linux



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to