diff options
| author | Adrian Bunk <bunk@debian.org> | 2020-09-29 17:27:22 +0300 |
|---|---|---|
| committer | Adrian Bunk <bunk@debian.org> | 2020-09-29 17:28:20 +0300 |
| commit | 8648affbd980e753a09cb82026634d2c33a3a032 (patch) | |
| tree | f632968368a8602e7d68de890329625251404c8b | |
| parent | ffeb12cb94301870f1f6436968bef2eaf19dc554 (diff) | |
Reserve DLA-2388-1 for nss
| -rw-r--r-- | data/CVE/list | 2 | ||||
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index 1da9ac8b9c..747fb81c56 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -86845,7 +86845,6 @@ CVE-2019-11729 (Empty or malformed p256-ECDH public keys may trigger a segmentat [stretch] - thunderbird 1:60.8.0-1~deb9u1 - nss 2:3.45-1 [buster] - nss 2:3.42.1-1+deb10u1 - [stretch] - nss <no-dsa> (Minor issue) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11729 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11729 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11729 @@ -86898,7 +86897,6 @@ CVE-2019-11719 (When importing a curve25519 private key in PKCS#8format with lea [stretch] - thunderbird 1:60.8.0-1~deb9u1 - nss 2:3.45-1 [buster] - nss 2:3.42.1-1+deb10u1 - [stretch] - nss <no-dsa> (Minor issue) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11719 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11719 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11719 diff --git a/data/DLA/list b/data/DLA/list index 17bd78dc87..ebe8e1584b 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[29 Sep 2020] DLA-2388-1 nss - security update + {CVE-2018-12404 CVE-2018-18508 CVE-2019-11719 CVE-2019-11729 CVE-2019-11745 CVE-2019-17006 CVE-2019-17007 CVE-2020-6829 CVE-2020-12399 CVE-2020-12400 CVE-2020-12401 CVE-2020-12402 CVE-2020-12403} + [stretch] - nss 2:3.26.2-1.1+deb9u2 [28 Sep 2020] DLA-2387-1 firefox-esr - security update {CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678} [stretch] - firefox-esr 78.3.0esr-1~deb9u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 8610c0705b..0d1596dd67 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -100,10 +100,6 @@ mumble NOTE: 20200504: discussion going on with team@security.debian.org and mumble maintainer (abhijith) NOTE: 20200723: https://lists.debian.org/debian-lts/2020/05/msg00008.html (abhijith) -- -nss (Adrian Bunk) - NOTE: 20200706: from dsa-needed.txt: Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508 (Beuc) - NOTE: 20200928: testing fixed package (bunk) --- open-build-service (Utkarsh Gupta) NOTE: 20200928: in touch with upstream - still figuring out the best way to backport. (utkarsh) -- |