Roberto C. Sánchez pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aba89204 by Roberto C. Sánchez at 2020-01-26T16:44:00-05:00
CVE-2019-19344 does not affect samba in jessie
- - - - -
1f2a3d7e by Roberto C. Sánchez at 2020-01-26T16:44:04-05:00
Mark CVE-2019-14902, CVE-2019-14907 as minor for samba in jessie
- - - - -
895c9653 by Roberto C. Sánchez at 2020-01-26T16:45:03-05:00
LTS/remove samba from dla-needed.txt, no open issues remain
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -15627,6 +15627,7 @@ CVE-2019-19344 (There is a use-after-free issue in all
samba 4.9.x versions befo
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <not-affected> (Only affects Samba 4.9 onwards)
+ [jessie] - samba <not-affected> (Only affects Samba 4.9 onwards)
NOTE: https://www.samba.org/samba/security/CVE-2019-19344.html
CVE-2019-19343
RESERVED
@@ -31172,6 +31173,7 @@ CVE-2019-14907 (All samba versions 4.9.x before 4.9.18,
4.10.x before 4.10.12 an
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <no-dsa> (Minor issue)
+ [jessie] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2019-14907.html
CVE-2019-14906 (A flaw was found with the RHSA-2019:3950 erratum, where it did
not fix ...)
NOT-FOR-US: Specific CVE assignment for incorrect/incomplete fix of
CVE-2019-13616 in RHEL 7
@@ -31195,6 +31197,7 @@ CVE-2019-14902 (There is an issue in all samba 4.11.x
versions before 4.11.5, al
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <no-dsa> (Minor issue)
+ [jessie] - samba <no-dsa> (Minor issue)
NOTE: https://www.samba.org/samba/security/CVE-2019-14902.html
CVE-2019-14901 (A heap overflow flaw was found in the Linux kernel, all
versions 3.x.x ...)
{DLA-2068-1}
=====================================
data/dla-needed.txt
=====================================
@@ -109,8 +109,6 @@ salt
NOTE: 20200118: very similar code passage in salt/jessie's
salt/client/api.py file.
NOTE: 20200118: Needs to be checked, if that code is vulnerable or not.
--
-samba (Roberto C. Sánchez)
---
slurm-llnl
NOTE: 20191125: up for testing
https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc
NOTE: Regression found. (abhijith)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fd50b28f529fa932eabf5b6c0eb2d200ab919ff6...895c965340ffe535f215ea1426356581ab56c52b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fd50b28f529fa932eabf5b6c0eb2d200ab919ff6...895c965340ffe535f215ea1426356581ab56c52b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
