[Git][security-tracker-team/security-tracker][master] Update tracking of llvm-toolchain packages

Mon, 01 Feb 2021 22:23:32 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0468e9d4 by Salvatore Bonaccorso at 2021-02-02T07:22:41+01:00
Update tracking of llvm-toolchain packages

- - - - -


2 changed files:

- data/CVE/list
- data/packages/removed-packages


Changes:

=====================================
data/CVE/list
=====================================
@@ -97272,9 +97272,7 @@ CVE-2020-0307 (In Settings, there is a possible 
permission bypass due to an unsa
        NOT-FOR-US: Android
 CVE-2020-0306 (In LLVM, there is a possible ineffective stack cookie placement 
due to ...)
        - llvm-toolchain-11 <undetermined>
-       - llvm-toolchain-10 <undetermined>
        - llvm-toolchain-9 <undetermined>
-       - llvm-toolchain-8 <undetermined>
 CVE-2020-0305 (In cdev_get of char_dev.c, there is a possible use-after-free 
due to a ...)
        - linux 5.4.13-1
        [buster] - linux 4.19.98-1
@@ -145568,10 +145566,10 @@ CVE-2019-2212 (In poisson_distribution of random, 
there is an out of bounds read
        - libc++ <removed>
        [stretch] - libc++ <no-dsa> (Minor issue)
        [jessie] - libc++ <no-dsa> (Minor issue, Jessie versions of software 
that uses poisson distribution have low popcon)
-       - llvm-toolchain-6.0 <unfixed>
+       - llvm-toolchain-6.0 <removed>
        [buster] - llvm-toolchain-6.0 <ignored> (Minor issue)
        [jessie] - llvm-toolchain-6.0 <no-dsa> (Minor issue, Jessie versions of 
software that uses poisson distribution have low popcon)
-       - llvm-toolchain-8 <unfixed>
+       - llvm-toolchain-8 <removed>
        NOTE: 
https://android.googlesource.com/platform/external/libcxx/+/4cebe6f1f01a34546b3b843b5267619a61bd7d39
        NOTE: 
https://android.googlesource.com/platform/external/libcxx/+/8260b5d56f6880a29b57f73b7f4866e47e9e4818
        NOTE: 
https://android.googlesource.com/platform/external/libcxx/+/a16cd9df50f22ccf65cf27eddc0403791116c75a


=====================================
data/packages/removed-packages
=====================================
@@ -809,3 +809,4 @@ flashplugin-nonfree
 golang-1.14
 postgresql-12
 python3.8
+llvm-toolchain-10



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0468e9d470d9f179c0feddaa007776a39d4a63c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0468e9d470d9f179c0feddaa007776a39d4a63c3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to