diff options
author | Brian May <brian@linuxpenguins.xyz> | 2021-01-18 08:17:41 +1100 |
---|---|---|
committer | Brian May <brian@linuxpenguins.xyz> | 2021-01-18 08:17:41 +1100 |
commit | 17c1f2b550eb4e91ddea88edaab75c55f2d5ecd5 (patch) | |
tree | 769bdef6d579bf191174cfff4103f9e942ceaf47 /data | |
parent | 1caf232e0ae94e0374c8a425e857b426540653ce (diff) |
Reserve DLA-2527-1 for snapd
Diffstat (limited to 'data')
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 5 |
2 files changed, 3 insertions, 5 deletions
diff --git a/data/DLA/list b/data/DLA/list index 884c4abeef..3a85db9248 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[18 Jan 2021] DLA-2527-1 snapd - security update + {CVE-2019-11840} + [stretch] - snapd 2.21-2+deb9u1 [15 Jan 2021] DLA-2526-1 ruby-redcarpet - security update {CVE-2020-26298} [stretch] - ruby-redcarpet 3.3.4-2+deb9u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 3f751520fe..d63b4a8416 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -124,11 +124,6 @@ slirp (pu-Thorsten Alteholz) NOTE: update has to done in sid->buster->stretch NOTE: 20200401: waiting for pu -- -snapd (Brian May) - NOTE: Needs rebuild for CVE-2019-11840 in golang-go.crypto. - NOTE: Problems with upload. - NOTE: 2020-01-13 Still waiting for response from ftp-master. --- spotweb NOTE: 20201220: The affected code (PHP!) uses string concatenation to construct a SQL query. NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. |