[Git][security-tracker-team/security-tracker][master] 2 commits: update notes

Sun Sep 26 23:01:35 BST 2021


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1d8566b by Thorsten Alteholz at 2021-09-27T00:00:29+02:00
update notes

- - - - -
0efbab31 by Thorsten Alteholz at 2021-09-27T00:01:23+02:00
Reserve DLA-2766-1 for openssl

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Sep 2021] DLA-2766-1 openssl - security update
+	{CVE-2021-3712}
+	[stretch] - openssl 1.1.0l-1~deb9u4
 [23 Sep 2021] DLA-2765-1 mupdf - security update
 	{CVE-2016-10246 CVE-2016-10247 CVE-2017-6060 CVE-2018-10289 CVE-2018-1000036 CVE-2020-19609}
 	[stretch] - mupdf 1.14.0+ds1-4+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -30,6 +30,7 @@ cacti (Roberto C. Sánchez)
   NOTE: 20210914: still assessing whether or not affected (roberto)
 --
 curl (Thorsten Alteholz)
+  NOTE: 20210926: coordinate with upload to other releases
 --
 debian-archive-keyring (Utkarsh)
   NOTE: https://lists.debian.org/debian-lts/2021/08/msg00037.html
@@ -72,11 +73,8 @@ nvidia-graphics-drivers
   NOTE: package is in non-free but also in packages-to-support
   NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077
 --
-openssl (Thorsten Alteholz)
-  NOTE: 20210912: testing package, upload probably after LE fix
---
 openssl1.0 (Thorsten Alteholz)
-  NOTE: 20210912: testing package, upload probably after LE fix
+  NOTE: 20210926: testing package, tests still don't pass
 --
 plib (Anton Gladky)
   NOTE: 20210829: no fix yet. (thorsten)
@@ -115,6 +113,7 @@ smarty3
   NOTE: 20210906: prepared a build for testing. Waiting for bug submitter's reply (abhijith)
 --
 squashfs-tools (Thorsten Alteholz)
+  NOTE: 20210926: coordinate with upload to other releases
 --
 tiff (Utkarsh)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a8d4c051da9afa49e73ad00b643db2e8079f4f78...0efbab31830c24000a9da20f3d898a91b410ebaf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a8d4c051da9afa49e73ad00b643db2e8079f4f78...0efbab31830c24000a9da20f3d898a91b410ebaf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210926/29bbfe8c/attachment-0001.htm>
