[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for uwsgi update

Sat, 17 Mar 2018 09:39:54 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
381bbbbb by Salvatore Bonaccorso at 2018-03-17T17:38:51+01:00
Reserve DSA number for uwsgi update

- - - - -


4 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5429,7 +5429,7 @@ CVE-2018-6758 (The uwsgi_expand_path function in 
core/utils.c in Unbit uWSGI thr
        {DLA-1275-1}
        - uwsgi 2.0.15-10.2 (bug #889753)
        [stretch] - uwsgi 2.0.14+20161117-3+deb9u1
-       [jessie] - uwsgi <no-dsa> (Minor issue)
+       [jessie] - uwsgi 2.0.7-1+deb8u2
        NOTE: http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
        NOTE: 
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
 CVE-2018-6657


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[17 Mar 2018] DSA-4142-1 uwsgi - security update
+       {CVE-2018-7490}
+       [jessie] - uwsgi 2.0.7-1+deb8u2
+       [stretch] - uwsgi 2.0.14+20161117-3+deb9u2
 [16 Mar 2018] DSA-4141-1 libvorbisidec - security update
        {CVE-2018-5147}
        [jessie] - libvorbisidec 1.0.2+svn18153-1~deb8u2


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -98,8 +98,6 @@ undertow
 --
 vlc (jmm)
 --
-uwsgi (carnil)
---
 xen/oldstable
 --
 zendframework/oldstable


=====================================
data/next-oldstable-point-update.txt
=====================================
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -81,8 +81,6 @@ CVE-2017-12379
        [jessie] - clamav 0.99.2+dfsg-0+deb8u3
 CVE-2017-12380
        [jessie] - clamav 0.99.2+dfsg-0+deb8u3
-CVE-2018-6758
-       [jessie] - uwsgi 2.0.7-1+deb8u2
 CVE-2017-16612
        [jessie] - wayland 1.6.0-2+deb8u1
 CVE-2017-18190



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/381bbbbb5d2359c1ed998790cd7c2b2392b258ab

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/381bbbbb5d2359c1ed998790cd7c2b2392b258ab
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to