[Git][security-tracker-team/security-tracker][master] Reserve DLA-2871-1 for lxml
Utkarsh Gupta (@utkarsh)
utkarsh at debian.org
Thu Dec 30 13:55:26 GMT 2021
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a013e83a by Utkarsh Gupta at 2021-12-30T19:25:14+05:30
Reserve DLA-2871-1 for lxml
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Dec 2021] DLA-2871-1 lxml - security update
+ {CVE-2021-43818}
+ [stretch] - lxml 3.7.1-1+deb9u5
[29 Dec 2021] DLA-2870-1 apache-log4j2 - security update
{CVE-2021-44832}
[stretch] - apache-log4j2 2.12.4-0+deb9u1
=====================================
data/dla-needed.txt
=====================================
@@ -73,8 +73,6 @@ linux (Ben Hutchings)
--
linux-4.19 (Ben Hutchings)
--
-lxml (Utkarsh)
---
nvidia-graphics-drivers (Markus Koschany)
NOTE: package is in non-free but also in packages-to-support
NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a013e83a2484798948992c61b1b4746b04824563
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a013e83a2484798948992c61b1b4746b04824563
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211230/e6137419/attachment.htm>
More information about the debian-security-tracker-commits
mailing list