Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: aba89204 by Roberto C. Sánchez at 2020-01-26T16:44:00-05:00 CVE-2019-19344 does not affect samba in jessie - - - - - 1f2a3d7e by Roberto C. Sánchez at 2020-01-26T16:44:04-05:00 Mark CVE-2019-14902, CVE-2019-14907 as minor for samba in jessie - - - - - 895c9653 by Roberto C. Sánchez at 2020-01-26T16:45:03-05:00 LTS/remove samba from dla-needed.txt, no open issues remain - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -15627,6 +15627,7 @@ CVE-2019-19344 (There is a use-after-free issue in all samba 4.9.x versions befo - samba <unfixed> [buster] - samba <no-dsa> (Minor issue) [stretch] - samba <not-affected> (Only affects Samba 4.9 onwards) + [jessie] - samba <not-affected> (Only affects Samba 4.9 onwards) NOTE: https://www.samba.org/samba/security/CVE-2019-19344.html CVE-2019-19343 RESERVED @@ -31172,6 +31173,7 @@ CVE-2019-14907 (All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 an - samba <unfixed> [buster] - samba <no-dsa> (Minor issue) [stretch] - samba <no-dsa> (Minor issue) + [jessie] - samba <no-dsa> (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2019-14907.html CVE-2019-14906 (A flaw was found with the RHSA-2019:3950 erratum, where it did not fix ...) NOT-FOR-US: Specific CVE assignment for incorrect/incomplete fix of CVE-2019-13616 in RHEL 7 @@ -31195,6 +31197,7 @@ CVE-2019-14902 (There is an issue in all samba 4.11.x versions before 4.11.5, al - samba <unfixed> [buster] - samba <no-dsa> (Minor issue) [stretch] - samba <no-dsa> (Minor issue) + [jessie] - samba <no-dsa> (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2019-14902.html CVE-2019-14901 (A heap overflow flaw was found in the Linux kernel, all versions 3.x.x ...) {DLA-2068-1} ===================================== data/dla-needed.txt ===================================== @@ -109,8 +109,6 @@ salt NOTE: 20200118: very similar code passage in salt/jessie's salt/client/api.py file. NOTE: 20200118: Needs to be checked, if that code is vulnerable or not. -- -samba (Roberto C. Sánchez) --- slurm-llnl NOTE: 20191125: up for testing https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc NOTE: Regression found. (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fd50b28f529fa932eabf5b6c0eb2d200ab919ff6...895c965340ffe535f215ea1426356581ab56c52b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fd50b28f529fa932eabf5b6c0eb2d200ab919ff6...895c965340ffe535f215ea1426356581ab56c52b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits