Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (5)
follow security team with no-dsa for CVE-2018-8036
· 1e00bbc0
Thorsten Alteholz
authored
Jun 30, 2018
1e00bbc0
typo
· a7a70eab
Thorsten Alteholz
authored
Jun 30, 2018
a7a70eab
add sssd
· dbcd90b9
Thorsten Alteholz
authored
Jun 30, 2018
dbcd90b9
add symfony
· f4f667d4
Thorsten Alteholz
authored
Jun 30, 2018
f4f667d4
set same status as in Wheezy for CVE-2018-1000119
· e0a92437
Thorsten Alteholz
authored
Jun 30, 2018
e0a92437
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
e0a92437
...
...
@@ -12555,6 +12555,7 @@ CVE-2018-8036
RESERVED
- libpdfbox-java <unfixed> (low)
[stretch] - libpdfbox-java <no-dsa> (Minor issue)
[jessie] - libpdfbox-java <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/06/29/2
CVE-2018-8035
RESERVED
...
...
@@ -13615,6 +13616,7 @@ CVE-2018-7651 (index.js in the ssri module before 5.2.2 for Node.js is prone to
NOTE: nodejs not covered by security support
CVE-2018-1000119 (Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier ...)
- ruby-rack-protection <unfixed> (bug #892250)
[jessie] - ruby-rack-protection <ignored> (Low prio package and low prio vulnerability according to RedHat)
[wheezy] - ruby-rack-protection <ignored> (Low prio package and low prio vulnerability according to RedHat)
NOTE: https://snyk.io/vuln/SNYK-RUBY-SINATRA-20470
NOTE: https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395
data/dla-needed.txt
View file @
e0a92437
...
...
@@ -97,6 +97,12 @@ ruby2.1 (Santiago)
slurm-llnl (Thorsten Alteholz)
NOTE: CVE-2018-7033 fixed in wheezy.
--
sssd
NOTE: 20180630: no fix available, so no email sent to maintainer yet
--
symfony
NOTE: 20180630: email sent to maintainer, please wait some time before working on this package
--
thunderbird (Emilio Pozuelo)
--
tiff (Markus Koschany)
...
...
data/packages/lts-do-not-call
View file @
e0a92437
...
...
@@ -22,7 +22,7 @@ mercurial https://lists.debian.org/debian-lts/2017/12/msg00058.html
nspr https://lists.debian.org/debian-lts/2016/09/msg00192.html
nss https://lists.debian.org/debian-lts/2016/09/msg00192.html
opencv no answer to https://lists.debian.org/debian-lts/2017/09/msg00028.html, all LTS uploads by LTS team
openjpeg (private conversation, Mathieu would review patches)
openjpeg
2
(private conversation, Mathieu would review patches)
openssh no answer to https://lists.debian.org/debian-lts/2016/08/msg00102.html, all LTS uploads by LTS team
php5 (once upon a time during Squeeze LTS)
poppler no answer to https://lists.debian.org/debian-lts/2016/04/msg00128.html, all LTS uploads by LTS team
...
...