author Utkarsh Gupta <utkarsh@debian.org> 2022-03-07 19:14:25 +0530
committer Utkarsh Gupta <utkarsh@debian.org> 2022-03-07 19:14:25 +0530
commit 14218b36bb0c568fac9d4033c0fe9a769bcfb203
tree 5437efff21b4882d0d1cb1a22b7b09007842fe6f
parent 5e9d5130e57f12b692c0235cf63cf187567084ff
Reserve DLA-2936-1 for libgit2
-rw-r--r-- data/CVE/list 5
-rw-r--r-- data/DLA/list 3
-rw-r--r-- data/dla-needed.txt 4
3 files changed, 3 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list
index d4714bf9f3..ae4ce86cbf 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -233824,7 +233824,6 @@ CVE-2018-15502 (Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-
CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27. ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low)
- [stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406
NOTE: https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
CVE-2018-15500
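Review bot: The cross-reference line under CVE-2018-15501 still reads `{DLA-1477-1}` only, although data/DLA/list in this same commit lists the CVE under DLA-2936-1. If that brace line is not regenerated by tooling after the commit, add DLA-2936-1 to it here; with the `[stretch] - libgit2 <no-dsa> (Minor issue)` line removed, the entry otherwise carries no visible stretch information at all.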
@@ -246288,12 +246287,10 @@ CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7.
CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing check in ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903508)
- [stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been discove ...)
{DLA-1477-1}
- libgit2 0.27.4+dfsg.1-0.1 (low; bug #903509)
- [stretch] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
NOTE: https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
CVE-2018-XXXX [Incomplete fix for CVE-2018-10886]
@@ -253394,13 +253391,11 @@ CVE-2018-8100 (The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00
CVE-2018-8099 (Incorrect returning of an error code in the index.c:read_entry() funct ...)
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892962)
- [stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/58a6fe94cb851f71214dbefac3f9bffee437d6fe
CVE-2018-8098 (Integer overflow in the index.c:read_entry() function while decompress ...)
[experimental] - libgit2 0.27.0+dfsg.1-0.1
- libgit2 0.27.0+dfsg.1-0.6 (low; bug #892961)
- [stretch] - libgit2 <no-dsa> (Minor issue)
[jessie] - libgit2 <no-dsa> (Minor issue)
NOTE: https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1
NOTE: https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0
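Review bot: Under CVE-2018-8099 and CVE-2018-8098 the `[jessie] - libgit2 <no-dsa> (Minor issue)` lines are kept while the `[stretch]` ones are dropped. That matches the DLA-2936-1 entry, which has only a `[stretch]` line, but please confirm that jessie is meant to keep the no-dsa status and was not simply left behind. These are the only two CVEs in the patch that have a jessie line, so the other hunks give nothing to compare against.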
diff --git a/data/DLA/list b/data/DLA/list
index 125b1bb762..b417efa6ba 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[07 Mar 2022] DLA-2936-1 libgit2 - security update
+ {CVE-2018-8098 CVE-2018-8099 CVE-2018-10887 CVE-2018-10888 CVE-2018-15501}
+ [stretch] - libgit2 0.25.1+really0.24.6-1+deb9u1
[07 Mar 2022] DLA-2935-1 expat - security update
{CVE-2022-23852 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25315}
[stretch] - expat 2.2.0-2+deb9u5
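Review bot: The fixed version `0.25.1+really0.24.6-1+deb9u1` names 0.24.6 after `+really`, while the CVE descriptions touched in data/CVE/list speak of fixes in libgit2 0.26.6 and 0.27.3, so the five fixes are presumably backported patches. Neither this entry nor the commit subject ("Reserve DLA-2936-1 for libgit2") says so; the advisory text should name the upstream commits that were backported, which the NOTE lines in data/CVE/list already link. The CVE set in braces does match the five entries whose stretch `<no-dsa>` lines are removed.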
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 07028e1131..28cefe6a19 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -55,10 +55,6 @@ kcron
libarchive (Thorsten Alteholz)
NOTE: 20220225: fix seems to be incomplete
--
-libgit2 (Utkarsh)
- NOTE: 20220208: got clearance. will upload this week. (utkarsh)
- NOTE: 20220221: had been severely ill the past week. shall get it done soon. (utkarsh)
---
linux (Ben Hutchings)
--
linux-4.19 (Ben Hutchings)
