<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Sylvain Beucler pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c">82908a92</a></strong>

<div>

<span>by Sylvain Beucler</span>

<i>at 2022-05-20T15:34:31+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Reserve DLA-3016-1 for rsyslog

</pre>

</li>

</ul>

<h4>3 changed files:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

<li class="file-stats">

<a href="#c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9">

data/DLA/list

</a>

</li>

<li class="file-stats">

<a href="#451c03275399f1318aed4e8b2d621183019720c6">

data/dla-needed.txt

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

<li id="c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c#c6cd61c8ef8efbfbfd18815b1aad9ff25179adb9"><strong>data/DLA/list</strong></a>

<hr>

<table class="code white" style="font-family: monospace; font-size: 90%;" bgcolor="#fff" width="100%" cellpadding="0" cellspacing="0">

<tr class="line_holder new" style="line-height: 1.6;">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

1

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0"><pre style="margin: 0;">+<span id="LC1" class="line" lang="plaintext">[20 May 2022] DLA-3016-1 rsyslog - security update</span>

</pre></td>

</tr>

<tr class="line_holder new" style="line-height: 1.6;">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="2" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

2

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0"><pre style="margin: 0;">+<span id="LC2" class="line" lang="plaintext">        {CVE-2018-16881 CVE-2022-24903}</span>

</pre></td>

</tr>

<tr class="line_holder new" style="line-height: 1.6;">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="3" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

3

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0"><pre style="margin: 0;">+<span id="LC3" class="line" lang="plaintext">        [stretch] - rsyslog 8.24.0-1+deb9u2</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

1

</td>

<td class="new_line diff-line-num" data-linenumber="4" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

4

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC4" class="line" lang="plaintext">[20 May 2022] DLA-3015-1 ark - security update</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="2" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

2

</td>

<td class="new_line diff-line-num" data-linenumber="5" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

5

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC5" class="line" lang="plaintext">        {CVE-2020-16116 CVE-2020-24654}</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="3" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

3

</td>

<td class="new_line diff-line-num" data-linenumber="6" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

6

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC6" class="line" lang="plaintext">        [stretch] - ark 4:16.08.3-2+deb9u1</span>

</pre></td>

</tr>

</table>

<br>

</li>

<li id="451c03275399f1318aed4e8b2d621183019720c6">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c#451c03275399f1318aed4e8b2d621183019720c6"><strong>data/dla-needed.txt</strong></a>

<hr>

<table class="code white" style="font-family: monospace; font-size: 90%;" bgcolor="#fff" width="100%" cellpadding="0" cellspacing="0">

<tr class="line_holder match" style="line-height: 1.6;">

<td class="diff-line-num unfold js-unfold old_line" data-linenumber="164" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>

<td class="diff-line-num unfold js-unfold new_line" data-linenumber="164" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">...</td>

<td class="line_content match" style="padding-left: 0.5em; padding-right: 0.5em; color: rgba(0,0,0,0.3);" bgcolor="#fafafa">@@ -164,10 +164,6 @@ ruby-devise-two-factor</td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="164" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

164

</td>

<td class="new_line diff-line-num" data-linenumber="164" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

164

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC164" class="line" lang="plaintext">  NOTE: 20220427: of an incomplete fix to CVE-2015-7225. Will require some investigation. (lamby)</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="165" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

165

</td>

<td class="new_line diff-line-num" data-linenumber="165" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

165

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC165" class="line" lang="plaintext">  NOTE: 20220502: should be marked as no-dsa; will send more details on the list. (utkarsh)</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="166" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

166

</td>

<td class="new_line diff-line-num" data-linenumber="166" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

166

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC166" class="line" lang="plaintext">--</span>

</pre></td>

</tr>

<tr class="line_holder old" style="line-height: 1.6;">

<td class="old_line diff-line-num old" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

167

</td>

<td class="new_line diff-line-num old" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

</td>

<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb"><pre style="margin: 0;">-<span id="LC167" class="line" lang="plaintext">rsyslog (Sylvain Beucler)</span>

</pre></td>

</tr>

<tr class="line_holder old" style="line-height: 1.6;">

<td class="old_line diff-line-num old" data-linenumber="168" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

168

</td>

<td class="new_line diff-line-num old" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

</td>

<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb"><pre style="margin: 0;">-<span id="LC168" class="line" lang="plaintext">  NOTE: 20220515: Please recheck. Vulnerable function processDataRcvd does not</span>

</pre></td>

</tr>

<tr class="line_holder old" style="line-height: 1.6;">

<td class="old_line diff-line-num old" data-linenumber="169" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

169

</td>

<td class="new_line diff-line-num old" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

</td>

<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb"><pre style="margin: 0;">-<span id="LC169" class="line" lang="plaintext">  NOTE: seem to be affected but I'm not completely sure. Programming language C. (apo)</span>

</pre></td>

</tr>

<tr class="line_holder old" style="line-height: 1.6;">

<td class="old_line diff-line-num old" data-linenumber="170" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

170

</td>

<td class="new_line diff-line-num old" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">

</td>

<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb"><pre style="margin: 0;">-<span id="LC170" class="line" lang="plaintext">--</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="171" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

171

</td>

<td class="new_line diff-line-num" data-linenumber="167" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

167

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC167" class="line" lang="plaintext">salt</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="172" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

172

</td>

<td class="new_line diff-line-num" data-linenumber="168" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

168

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC168" class="line" lang="plaintext">--</span>

</pre></td>

</tr>

<tr class="line_holder" style="line-height: 1.6;">

<td class="old_line diff-line-num" data-linenumber="173" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

173

</td>

<td class="new_line diff-line-num" data-linenumber="169" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

169

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;"><pre style="margin: 0;"> <span id="LC169" class="line" lang="plaintext">samba</span>

</pre></td>

</tr>

</table>

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82908a92c8dfd87f24ece65421584b63557e5c9c"}}</script>

</p>

</div>

</body>

</html>