diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-10-19 23:22:20 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-10-19 23:24:35 +0200 |
commit | 82afcf5a51f8fb42b17b08fcd67c5aea70048ce0 (patch) | |
tree | 9e71d96f868a6f7cce9168618579ee272a457cce | |
parent | 4d587b934eeff7423219e7a4e778774c5688dd4a (diff) |
buster triage
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/dsa-needed.txt | 4 |
2 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 25b8227fe6..ee5c8a18be 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2436,6 +2436,7 @@ CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended NOTE: https://github.com/dgrijalva/jwt-go/pull/426 CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expressi ...) - libonig <unfixed> (bug #972113) + [buster] - libonig <no-dsa> (Minor issue) NOTE: https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0 NOTE: https://github.com/kkos/oniguruma/issues/207 CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...) @@ -130186,6 +130187,7 @@ CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH p NOTE: https://bugs.launchpad.net/mistral/+bug/1783708 CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack Mistral i ...) - mistral 10.0.0~rc1-2 + [buster] - mistral <no-dsa> (Minor issue) [stretch] - mistral <end-of-life> (OpenStack component; not supported in stretch LTS) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332 NOTE: https://bugs.launchpad.net/mistral/%2Bbug/1785657 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index b22cc736b7..3c8fd00db0 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -23,8 +23,12 @@ linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- +mariadb-10.3 (jmm) +-- netty -- +pdns-recursor +-- xcftools Hugo proposed to work on this update -- |