Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (2)
CVEs fixed, so remove no-dsa
· 35edb858
Thorsten Alteholz
authored
Jan 25, 2019
35edb858
Reserve DLA-1643-1 for krb5
· 6e917311
Thorsten Alteholz
authored
Jan 25, 2019
6e917311
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
6e917311
...
...
@@ -9078,7 +9078,6 @@ CVE-2018-20218
CVE-2018-20217 (A Reachable Assertion issue was discovered in the KDC in MIT Kerberos ...)
- krb5 1.16.2-1 (low; bug #917387)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
NOTE: https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
CVE-2018-20216 (QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c ...)
...
...
@@ -55072,13 +55071,11 @@ CVE-2018-5731 (An issue was discovered in Heimdal PRO 2.2.190. As part of the ..
CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with permission ...)
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with permission ...)
- krb5 1.16.1-1 (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...)
data/DLA/list
View file @
6e917311
[25 Jan 2019] DLA-1643-1 krb5 - security update
{CVE-2018-5729 CVE-2018-5730 CVE-2018-20217}
[jessie] - krb5 1.12.1+dfsg-19+deb8u5
[25 Jan 2019] DLA-1642-1 postgresql-9.4 - new upstream version
[jessie] - postgresql-9.4 9.4.20-0+deb8u1
[25 Jan 2019] DLA-1641-1 mxml - security update
...
...
data/dla-needed.txt
View file @
6e917311
...
...
@@ -63,10 +63,6 @@ imagemagick
NOTE: new upstream version like the security team did with Graphicsmagick in
NOTE: Stretch. (apo)
--
krb5 (Thorsten Alteholz)
NOTE: 20181230: probably some no-dsa should be fixed
NOTE: 20190120: patches ready, test suite ready, waiting for test results on wheezy (Thorsten)
--
libav (Mike Gabriel)
--
libraw (Abhijith PA)
...
...
