From b54d9f1b6546f99c1e8159bc2d40c185f600f60e Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 19 Oct 2020 23:22:20 +0200 Subject: buster triage --- data/CVE/list.2018 | 1 + data/CVE/list.2020 | 1 + data/dsa-needed.txt | 4 ++++ 3 files changed, 6 insertions(+) diff --git a/data/CVE/list.2018 b/data/CVE/list.2018 index 1dcab54404..efd3ce2d6d 100644 --- a/data/CVE/list.2018 +++ b/data/CVE/list.2018 @@ -11908,6 +11908,7 @@ CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH p NOTE: https://bugs.launchpad.net/mistral/+bug/1783708 CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack Mistral i ...) - mistral 10.0.0~rc1-2 + [buster] - mistral (Minor issue) [stretch] - mistral (OpenStack component; not supported in stretch LTS) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332 NOTE: https://bugs.launchpad.net/mistral/%2Bbug/1785657 diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 7888d141bb..c470609f6d 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -2412,6 +2412,7 @@ CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended NOTE: https://github.com/dgrijalva/jwt-go/pull/426 CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expressi ...) - libonig (bug #972113) + [buster] - libonig (Minor issue) NOTE: https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0 NOTE: https://github.com/kkos/oniguruma/issues/207 CVE-2020-26158 (Leanote Desktop through 2.6.2 allows XSS because a note's title is mis ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index b22cc736b7..3c8fd00db0 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -23,8 +23,12 @@ linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- +mariadb-10.3 (jmm) +-- netty -- +pdns-recursor +-- xcftools Hugo proposed to work on this update -- -- cgit v1.2.3