diff options
author | Utkarsh Gupta <utkarsh@debian.org> | 2021-12-27 22:39:47 +0530 |
---|---|---|
committer | Utkarsh Gupta <utkarsh@debian.org> | 2021-12-27 22:39:47 +0530 |
commit | 5c20fed30b1fcfbe39c0d17ef19289eb397b2a2b (patch) | |
tree | 7fac24e65a989e621996bb6fe2c385c8204583ee /data | |
parent | a1b735d01e5ee3386a00c923fdd9d0c72cb830f0 (diff) |
Reserve DLA-2854-1 for novnc
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 1 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 5 deletions
diff --git a/data/CVE/list b/data/CVE/list index 9b0a95b9ec..350f9d73bf 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -156919,7 +156919,6 @@ CVE-2019-16889 (Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to CVE-2017-18635 (An XSS vulnerability was discovered in noVNC before 0.6.2 in which the ...) {DLA-1946-1} - novnc 1:1.0.0-1 - [stretch] - novnc <no-dsa> (Minor issue) NOTE: https://bugs.launchpad.net/horizon/+bug/1656435 NOTE: https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534 NOTE: https://github.com/novnc/noVNC/issues/748 diff --git a/data/DLA/list b/data/DLA/list index da47fb8fb2..7dba825f0a 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[27 Dec 2021] DLA-2854-1 novnc - security update + {CVE-2017-18635} + [stretch] - novnc 1:0.4+dfsg+1+20131010+gitf68af8af3d-6+deb9u1 [27 Dec 2021] DLA-2853-1 ruby2.3 - security update {CVE-2021-41817 CVE-2021-41819} [stretch] - ruby2.3 2.3.3-1+deb9u11 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 74acad5d1b..bfa0562b7f 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -73,10 +73,6 @@ lxml (Utkarsh) -- monit (Adrian Bunk) -- -novnc (Utkarsh) - NOTE: 20211227: CVE-2017-18635 was fixed in jessie in DLA-1946-1 - NOTE: 20211227: but is unfixed in stretch (bunk) --- nvidia-graphics-drivers (Markus Koschany) NOTE: package is in non-free but also in packages-to-support NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077 |