Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c87e7afb by Chris Lamb at 2018-03-04T21:55:19+00:00
data/dla-needed.txt: Correct ordering

- - - - -
21592d03 by Chris Lamb at 2018-03-04T21:55:19+00:00
Add patch link for CVE-2018-7443 (libjgraphx-java)

- - - - -
3e6969d6 by Chris Lamb at 2018-03-04T21:55:20+00:00
Triage libjgraphx-java for LTS

- - - - -
96c75e80 by Chris Lamb at 2018-03-04T21:55:38+00:00
Claim libjgraphx-java in data/dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -686,6 +686,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph 
before 3.7.6, the ...)
        [jessie] - libjgraphx-java <no-dsa> (Minor issue)
        [stretch] - libjgraphx-java <no-dsa> (Minor issue)
        NOTE: https://github.com/jgraph/mxgraph/issues/124
+       NOTE: 
https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
 CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 
7.0.7-23 Q16 ...)
        {DLA-1293-1}
        - imagemagick <unfixed> (low; bug #891291)


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -28,13 +28,13 @@ gcc-4.7 (Roberto C. Sánchez)
   NOTE: Backport the retpoline support for spectre mitigation.
   NOTE: Do we want/need it on this gcc version as well?
 --
-isc-dhcp (Thorsten Alteholz)
---
 icu (Thorsten Alteholz)
   NOTE: 20171229: CVE-2017-15422 was reported via Google Code issue report in 
Chromium project; report is not visible to the public
 --
 imagemagick (Markus Koschany)
 --
+isc-dhcp (Thorsten Alteholz)
+--
 jruby (Emilio Pozuelo)
 --
 krb5
@@ -58,6 +58,8 @@ libav (Hugo Lefeuvre)
 --
 libgcrypt11
 --
+libjgraphx-java (Chris Lamb)
+--
 libmad (Kurt Roeckx)
 --
 libreoffice
@@ -109,3 +111,4 @@ xen
 --
 zsh (Abhijith PA)
   NOTE: 20180303: Upstream repository is temporarily offline (abhijith)
+--



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to