Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac46afd9 by Thorsten Alteholz at 2019-11-26T21:30:26Z
the time for an upload has come
- - - - -
953083da by Thorsten Alteholz at 2019-11-26T21:30:52Z
Reserve DLA-2011-1 for xmlrpc-epi
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -173818,7 +173818,6 @@ CVE-2016-6296 (Integer signedness error in the
simplestring_addn function in sim
NOTE:
http://git.php.net/?p=php-src.git;a=commit;h=e6c48213c22ed50b2b987b479fcc1ac709394caa
NOTE: Fixed in 7.0.9, 5.6.24, 5.5.38
- xmlrpc-epi 0.54.2-1.2 (bug #832959)
- [jessie] - xmlrpc-epi <no-dsa> (Can be fixed via point release, nothing
depending on it in stable)
NOTE: In stretch/sid php7.0 is using the system library not the
embedded one.
CVE-2016-6295 (ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and
7.x bef ...)
{DSA-3631-1 DLA-628-1}
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Nov 2019] DLA-2011-1 xmlrpc-epi - security update
+ {CVE-2016-6296}
+ [jessie] - xmlrpc-epi 0.54.2-1.1+deb8u1
[26 Nov 2019] DLA-2010-1 bsdiff - security update
{CVE-2014-9862}
[jessie] - bsdiff 4.3-15+deb8u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0f8eb03ce4bfdc25a88e452a0c16c4490c745da...953083dabea317f5a6249e8b832100a239a39df6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c0f8eb03ce4bfdc25a88e452a0c16c4490c745da...953083dabea317f5a6249e8b832100a239a39df6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
