diff options
author | Thorsten Alteholz <debian@alteholz.de> | 2020-10-29 17:01:23 +0100 |
---|---|---|
committer | Thorsten Alteholz <debian@alteholz.de> | 2020-10-29 17:01:23 +0100 |
commit | 93494ce55292e541baa53c3505875617068388a9 (patch) | |
tree | 057cf6597f5a695a0da44641e50c89fec6acb72f | |
parent | fb038b3f5f2e6e1da1a3da30e7f530d010a44a7b (diff) |
Reserve DLA-2419-1 for dompurify.js
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/data/DLA/list b/data/DLA/list index 559f4b844b..09973e62e9 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[29 Oct 2020] DLA-2419-1 dompurify.js - security update + {CVE-2019-16728 CVE-2020-26870} + [stretch] - dompurify.js 0.8.2~dfsg1-1+deb9u1 [29 Oct 2020] DLA-2418-1 libsndfile - security update {CVE-2017-6892 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2018-19661 CVE-2018-19662 CVE-2018-19758 CVE-2019-3832} [stretch] - libsndfile 1.0.27-3+deb9u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index b41f594ebb..74bb9982e0 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -61,9 +61,6 @@ condor NOTE: 20200712: Requested input on path forward from debian-lts@l.d.o (roberto) NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto) -- -dompurify.js (Thorsten Alteholz) - NOTE: 20201013: Package only in stretch - needs investigation to identify patch. (lamby) --- f2fs-tools NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver) |