Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: c87e7afb by Chris Lamb at 2018-03-04T21:55:19+00:00 data/dla-needed.txt: Correct ordering - - - - - 21592d03 by Chris Lamb at 2018-03-04T21:55:19+00:00 Add patch link for CVE-2018-7443 (libjgraphx-java) - - - - - 3e6969d6 by Chris Lamb at 2018-03-04T21:55:20+00:00 Triage libjgraphx-java for LTS - - - - - 96c75e80 by Chris Lamb at 2018-03-04T21:55:38+00:00 Claim libjgraphx-java in data/dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -686,6 +686,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...) [jessie] - libjgraphx-java <no-dsa> (Minor issue) [stretch] - libjgraphx-java <no-dsa> (Minor issue) NOTE: https://github.com/jgraph/mxgraph/issues/124 + NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1 CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...) {DLA-1293-1} - imagemagick <unfixed> (low; bug #891291) ===================================== data/dla-needed.txt ===================================== --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -28,13 +28,13 @@ gcc-4.7 (Roberto C. Sánchez) NOTE: Backport the retpoline support for spectre mitigation. NOTE: Do we want/need it on this gcc version as well? -- -isc-dhcp (Thorsten Alteholz) --- icu (Thorsten Alteholz) NOTE: 20171229: CVE-2017-15422 was reported via Google Code issue report in Chromium project; report is not visible to the public -- imagemagick (Markus Koschany) -- +isc-dhcp (Thorsten Alteholz) +-- jruby (Emilio Pozuelo) -- krb5 @@ -58,6 +58,8 @@ libav (Hugo Lefeuvre) -- libgcrypt11 -- +libjgraphx-java (Chris Lamb) +-- libmad (Kurt Roeckx) -- libreoffice @@ -109,3 +111,4 @@ xen -- zsh (Abhijith PA) NOTE: 20180303: Upstream repository is temporarily offline (abhijith) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb5ad02f193d4b359ee5d84b3b5c22f7ba7e9c70...96c75e80debe584c53ffcabedd33caabc6a02684 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits