diff options
| author | Helmut Grohne <helmut@subdivi.de> | 2022-11-28 19:25:58 +0100 |
|---|---|---|
| committer | Helmut Grohne <helmut@subdivi.de> | 2022-11-28 19:36:10 +0100 |
| commit | 7246062f9187633beeb27792ea4da4bc3ed0e942 (patch) | |
| tree | 42810980e102eff8df34e14567ff75362436f2a0 /data/DLA | |
| parent | 66fdd56b866d7fd45eb6f415247d2130291e6478 (diff) | |
libraw ELTS triage
Yeah, this doesn't really belong here. However, we need to remove
conflicting declarations to allow adding them to the elts tracker
without messing up the database. This is the bulk of changes.
I'm also adding commit references as this is independent of ELTS.
Beyond this, two earlier DLAs have a wrong CVE list. DLA-2903-1 did not
fix CVE-2017-16909. It contains a CVE-2017-16909.patch, which fixes a
different vulnerability. DLA-1734-1 missed CVE-2018-5807 and
CVE-2018-5810, which are fixed by the same commit that fixes
CVE-2018-5808.
Except for the commit id notes, none of this can be fixed in the elts
tracker.
Diffstat (limited to 'data/DLA')
| -rw-r--r-- | data/DLA/list | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/DLA/list b/data/DLA/list index fb4ea67c12..b70ace5d02 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -917,7 +917,7 @@ {CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-23990} [stretch] - expat 2.2.0-2+deb9u4 [29 Jan 2022] DLA-2903-1 libraw - security update - {CVE-2017-13735 CVE-2017-14265 CVE-2017-14348 CVE-2017-14608 CVE-2017-16909 CVE-2017-16910 CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5804 CVE-2018-5805 CVE-2018-5806 CVE-2018-5807 CVE-2018-5808 CVE-2018-5810 CVE-2018-5811 CVE-2018-5812 CVE-2018-5813 CVE-2018-5815 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819 CVE-2018-20363 CVE-2018-20364 CVE-2018-20365} + {CVE-2017-13735 CVE-2017-14265 CVE-2017-14348 CVE-2017-14608 CVE-2017-16910 CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5804 CVE-2018-5805 CVE-2018-5806 CVE-2018-5807 CVE-2018-5808 CVE-2018-5810 CVE-2018-5811 CVE-2018-5812 CVE-2018-5813 CVE-2018-5815 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819 CVE-2018-20363 CVE-2018-20364 CVE-2018-20365} [stretch] - libraw 0.17.2-6+deb9u2 [27 Jan 2022] DLA-2902-1 graphicsmagick - security update {CVE-2020-12672} @@ -4527,7 +4527,7 @@ {CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325} [jessie] - ruby2.1 2.1.5-2+deb8u7 [28 Mar 2019] DLA-1734-1 libraw - security update - {CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5808 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819} + {CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5807 CVE-2018-5808 CVE-2018-5810 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819} [jessie] - libraw 0.16.0-9+deb8u4 [28 Mar 2019] DLA-1733-1 wpa - security update {CVE-2016-10743} |