[Git][security-tracker-team/security-tracker][master] stretch triage

Moritz Muehlenhoff Fri, 22 Feb 2019 11:59:15 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
babb564d by Moritz Muehlenhoff at 2019-02-22T19:57:12Z
stretch triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1271,7 +1271,8 @@ CVE-2019-8402
 CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN 
messages. ...)
        NOT-FOR-US: WooCommerce plugin
 CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x 
before ...)
-       - zabbix 1:3.0.17+dfsg-1
+       - zabbix 1:3.0.17+dfsg-1 (low)
+       [stretch] - zabbix <no-dsa> (Minor issue)
        NOTE: https://support.zabbix.com/browse/ZBX-10272
        NOTE: https://support.zabbix.com/browse/ZBX-13133
 CVE-2019-8401
@@ -5275,6 +5276,7 @@ CVE-2019-6690 [improper input validation in 
gnupg.GPG.encrypt() and gnupg.GPG.de
        RESERVED
        {DLA-1675-1}
        - python-gnupg 0.4.4-1
+       [stretch] - python-gnupg <no-dsa> (Minor issue)
        NOTE: 
https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability
        NOTE: 
https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112
        NOTE: 
https://github.com/vsajip/python-gnupg/commit/3003b654ca1c29b0510a54b9848571b3ad57df19#diff-88b99bb28683bd5b7e3a204826ead112
@@ -6411,7 +6413,8 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka 
svgpp) 1.2.3. After calling
        NOTE: https://github.com/svgpp/svgpp/issues/70
 CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as 
used in ...)
        {DLA-1656-1}
-       - agg 1:2.4-r127+dfsg1-1 (bug #919322)
+       - agg 1:2.4-r127+dfsg1-1 (low; bug #919322)
+       [stretch] - agg <no-dsa> (Minor issue)
        - svgpp <unfixed> (bug #919321)
        NOTE: https://github.com/svgpp/svgpp/issues/70
        NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
@@ -26578,6 +26581,7 @@ CVE-2018-1000808 (Python Cryptographic Authority 
pyopenssl version Before 17.5.0
        NOTE: 
https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
 CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to 
version ...)
        - pyopenssl 17.5.0-1
+       [stretch] - pyopenssl <no-dsa> (Minor issue)
        [jessie] - pyopenssl <no-dsa> (Minor issue, but also requires at least 
cryptography 2.1.4 which exposes the X509_up_ref method)
        NOTE: https://github.com/pyca/pyopenssl/pull/723
        NOTE: 
https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] stretch triage

Reply via email to