On Wed, Aug 14, 2019 at 10:13:06PM +0200, Markus Koschany wrote:
Thank you for preparing an update for openldap in Jessie. I will take
care of all necessary paper work and upload the package for you.
Great. Thank you! I uploaded the package to mentors.d.n, so the source
package is available
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: openjdk-7
Version: 7u231-2.6.19-1~deb8u1
CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2816
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: freetype
Version: 2.5.2-3+deb8u3
CVE ID : CVE-2015-9290
A buffer over-read in the t1-parser of freetype, a font engine, has been
found and fixed by checking limits more sensible.
For Debian 8 "Jessie", this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 12 Aug 2019 19:58:42 +0200
Source: openjdk-7
Binary: openjdk-7-jdk openjdk-7-jre-headless openjdk-7-jre openjdk-7-jre-lib
openjdk-7-demo openjdk-7-source openjdk-7-doc openjdk-7-dbg icedtea-7-jre-jamvm
openjdk-7-jre-zero
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 15 Aug 2019 19:25:24 +0200
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.5.2-3+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer:
On Thu, Aug 15, 2019 at 08:39:02AM -0700, Chris Lamb wrote:
> Hi Roberto,
>
> > I decided to take a shot fixing CVE-2018-11782 and CVE-2019-0203 for
> > subversion in jessie. You had made the following note in
> > dla-needed.txt:
> >
> > subversion
> > NOTE: 20190804: For (at least)
Hi Roberto,
> I decided to take a shot fixing CVE-2018-11782 and CVE-2019-0203 for
> subversion in jessie. You had made the following note in
> dla-needed.txt:
>
> subversion
> NOTE: 20190804: For (at least) CVE-2018-11782 the svn_err_trace that
> is in the diff has not been added yet.
