diff options
author | Adrian Bunk <bunk@debian.org> | 2021-11-28 20:59:58 +0200 |
---|---|---|
committer | Adrian Bunk <bunk@debian.org> | 2021-11-28 20:59:58 +0200 |
commit | 7c1f75e1e7a45dc2a3434b7ea6e1adaeeb1c6129 (patch) | |
tree | 1a9aac5d3b705a9357f1600795c1d17c93ecae1a | |
parent | a0d8b353affd28a6bff571d1a9b0545db87a19a9 (diff) |
Reserve DLA-2831-1 for libntlm
-rw-r--r-- | data/CVE/list.2019 | 1 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index ba692a3ea2..f65ba3eb82 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -9233,7 +9233,6 @@ CVE-2019-17455 (Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAu {DLA-2207-1} - libntlm 1.6-1 (bug #942145) [buster] - libntlm 1.5-1+deb10u1 - [stretch] - libntlm <no-dsa> (Minor issue) NOTE: https://gitlab.com/jas/libntlm/issues/2 NOTE: https://gitlab.com/jas/libntlm/-/commit/b967886873fcf19f816b9c0868465f2d9e5df85e CVE-2019-17454 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTa ...) diff --git a/data/DLA/list b/data/DLA/list index 7f0c4a8cef..911d1fa04d 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[28 Nov 2021] DLA-2831-1 libntlm - security update + {CVE-2019-17455} + [stretch] - libntlm 1.4-8+deb9u1 [28 Nov 2021] DLA-2830-1 tar - security update {CVE-2018-20482} [stretch] - tar 1.29b-1.1+deb9u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 241a06d78a..310658a1a2 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -56,8 +56,6 @@ libgit2 (Utkarsh) NOTE: 20211029: and TAL later next week. (utkarsh) NOTE: 20211116: backports prepped; checking build and smoke-testing package. (utkarsh) -- -libntlm (Adrian Bunk) --- librecad (Sylvain Beucler) NOTE: 20211127: also take care of other suites -- |