[Git][security-tracker-team/security-tracker][master] Mark CVE-2021-30465 as no-dsa for stretch

Abhijith PA (@abhijith) abhijith at debian.org
Sun Aug 1 22:58:05 BST 2021 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a050e62e by Abhijith PA at 2021-08-02T03:27:40+05:30
Mark CVE-2021-30465 as no-dsa for stretch

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -17283,6 +17283,7 @@ CVE-2021-30466
 	RESERVED
 CVE-2021-30465 (runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Dire ...)
 	- runc 1.0.0~rc93+ds1-5 (bug #988768)
+	[stretch] - runc <no-dsa> (Intrusive to backport fix)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/05/19/2
 	NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r
 	NOTE: Initial patch in -4, but revised patch was applied only in -5


=====================================
data/dla-needed.txt
=====================================
@@ -87,10 +87,6 @@ ruby-kaminari
   NOTE: 20210719: I believe the fix is just adding and extending the blacklist for ruby-kaminari.
   NOTE: 20210719: Will discuss this with Utkarsh (maintainer) shortly.
 --
-runc (Abhijith PA)
-  NOTE: 20210612: Not sure if applies to this version. (lamby)
-  NOTE: 20210721: Requires more investigation. Even Ubuntu ESM, LTS uploaded fixed upstream version.
---
 salt
   NOTE: 20210329: WIP (utkarsh)
   NOTE: 20210510: patches ready; reviewing and testing with donfede, damien, and bdrung. (utkarsh)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a050e62e4ba61baeef795b40e7a77898f89733f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a050e62e4ba61baeef795b40e7a77898f89733f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210801/de8f3a8d/attachment.htm>

More information about the debian-security-tracker-commits mailing list