diff options
| author | Emilio Pozuelo Monfort <pochu@debian.org> | 2020-10-21 23:40:53 +0200 |
|---|---|---|
| committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2020-10-21 23:40:53 +0200 |
| commit | 66261ce9bce0b2502f8c9f720542954c16b140b9 (patch) | |
| tree | 1d892b247eb429cc7eee6581b29951c9d3474218 | |
| parent | c0b7ff7f9b26673f68222383d2ee121eb9a8626d (diff) | |
Reserve DLA-2411-1 for firefox-esr
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/data/DLA/list b/data/DLA/list index 2234591238..091b2593c0 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[21 Oct 2020] DLA-2411-1 firefox-esr - security update + {CVE-2020-15683 CVE-2020-15969} + [stretch] - firefox-esr 78.4.0esr-1~deb9u1 [21 Oct 2020] DLA-2410-1 bluez - security update {CVE-2020-27153} [stretch] - bluez 5.43-2+deb9u3 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 592e219387..d950a095dd 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -67,8 +67,6 @@ f2fs-tools NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver) -- -firefox-esr (Emilio) --- fossil NOTE: 20200903: looked into CVE-2020-24614: the fix for this CVE partially applies, but does not apply around a NOTE: 20200903: database query in src/add.c. In fact, the patch fixing this CVE is quite invasive. Maybe decide |