Commits on Source (7)
......@@ -790,6 +790,7 @@ CVE-2018-20807 (An XSS issue has been found in welcome.cgi in Pulse Secure Pulse
CVE-2018-20806 (Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the ...)
- phamm <unfixed> (low; bug #924731)
[stretch] - phamm <no-dsa> (Minor issue)
[jessie] - phamm <no-dsa> (Minor issue)
NOTE: https://github.com/lota/phamm/issues/24
CVE-2019-9839
RESERVED
......@@ -1053,6 +1054,7 @@ CVE-2019-9755
CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
- tcc <unfixed> (low; bug #925127)
[stretch] - tcc <no-dsa> (Minor issue)
[jessie] - tcc <no-dsa> (Minor issue)
NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2019-03/msg00038.html
CVE-2019-9753
RESERVED
......@@ -1235,6 +1237,7 @@ CVE-2019-9688 (sftnow through 2018-12-29 allows index.php?g=Admin&amp;m=User&amp
CVE-2019-9687 (PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ...)
- libpodofo <unfixed> (bug #924430)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/podofo/code/1969
CVE-2019-9686 (pacman before 5.1.3 allows directory traversal when installing a remot ...)
NOT-FOR-US: pacman package manager for arch, different from src:pacman
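Review bot: The added "[jessie] - libpodofo <no-dsa> (Minor issue)" line repeats the generic stretch reason for what the CVE description calls a heap-based buffer overflow in PdfString::ConvertUTF, and unlike the phamm and tcc entries the "- libpodofo <unfixed> (bug #924430)" line carries no "low" urgency to support it. Either set the urgency on the unfixed line or replace "Minor issue" with the concrete reason this overflow does not warrant an advisory, so the triage decision can be audited later.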
......@@ -2538,6 +2541,7 @@ CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_
[experimental] - gnulib 20180621~6979c25-1
- gnulib 20140202+stable-3.2 (bug #924613)
[stretch] - gnulib <no-dsa> (Minor issue)
[jessie] - gnulib <no-dsa> (Minor issue)
- glibc 2.28-1
[stretch] - glibc <no-dsa> (Minor issue)
[jessie] - glibc <no-dsa> (Minor issue)
......@@ -45141,6 +45145,7 @@ CVE-2018-12181 [Stack buffer overflow with corrupted BMP]
RESERVED
- edk2 0~20181115.85588389-3 (bug #924615)
[stretch] - edk2 <no-dsa> (Minor issue, will be fixed via point update)
[jessie] - edk2 <end-of-life> (non-free is not supported)
NOTE: https://lists.01.org/pipermail/edk2-devel/2019-March/037626.html
CVE-2018-12180 [Buffer Overflow in BlockIo service for RAM disk]
RESERVED
......@@ -64,6 +64,8 @@ libraw (Thorsten Alteholz)
libsolv
NOTE: 20190127: maintainer is Mike Gabriel
--
libssh2
--
linux (Ben Hutchings)
--
linux-4.9 (Ben Hutchings)
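Review bot: The added libssh2 entry has neither a claimant nor a NOTE, so nothing on this list records which CVEs put the package here. The libsolv entry just above shows the convention of a dated NOTE; a line of the same form under libssh2 naming the CVE ids or the Debian bug would save the eventual claimant from redoing the triage.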
......@@ -77,6 +79,8 @@ openssh (Mike Gabriel)
NOTE: 20190228: CVE-2019-6111 seemingly not-yet-fixed, see https://bugs.debian.org/923486
NOTE: 20190228: Package draft for jessie LTS locally, but the CVE-2019-6111 patch requires being fixed first before proceeding
--
pdns
--
php5 (Thorsten Alteholz)
NOTE: 20190317: new CVEs appeared
--
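Review bot: pdns goes in as a bare package name, while the openssh entry directly before it carries dated NOTE lines with the CVE id and bug link that explain its status. Add a dated NOTE under pdns stating the open issue(s) that triggered the entry, since the list otherwise gives no way to tell the scope or urgency of the work.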