Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7b46dadd by Roberto C. Sánchez at 2020-03-04T21:06:34-05:00 LTS: mark CVE-2017-18641/lxc as <ignored> for jessie - - - - - a34af497 by Roberto C. Sánchez at 2020-03-04T21:07:54-05:00 LTS: remove lxc from dla-needed.txt, no open vulnerabilities - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -2750,6 +2750,7 @@ CVE-2018-21034 CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext HTTP, a ...) - lxc-templates <unfixed> - lxc 1:3.0.3-1 + [jessie] - lxc <ignored> (https://lists.debian.org/debian-lts/2020/02/msg00102.html) NOTE: LXC 3.0.2 split the templates out to separate lxc-templates. NOTE: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1661447 NOTE: Some of the templates were switched to fetch the pacakges over HTTPS, cf. ===================================== data/dla-needed.txt ===================================== @@ -42,10 +42,6 @@ lua-cgi NOTE: 20200227: The package do not seem to be used much, but the popcon data in this case NOTE: 20200227: may not be entirelly reliable. One possibility is to declare it unsupported. (Ola) -- -lxc (Roberto C. Sánchez) - NOTE: 20200221: CVE-2017-18641 is probably to extensive to fix in Jessie - NOTE: 20200226: sent propsal for no-dsa triage to mailing list for review. (roberto) --- nova (Thorsten Alteholz) -- opendmarc (Thorsten Alteholz) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/556cc9e22eefa8e991f153ed421e23c788f5ad23...a34af497081f5ef801f510b6f9f507866dda7ad3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/556cc9e22eefa8e991f153ed421e23c788f5ad23...a34af497081f5ef801f510b6f9f507866dda7ad3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits