[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Apr 4 17:19:06 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd09e673 by Moritz Muehlenhoff at 2022-04-04T18:18:49+02:00
buster/bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -531,6 +531,8 @@ CVE-2022-28353
RESERVED
CVE-2022-1210 (A vulnerability classified as problematic was found in LibTIFF 4.3.0. ...)
- tiff <unfixed>
+ [bullseye] - tiff <no-dsa> (Minor issue)
+ [buster] - tiff <no-dsa> (Minor issue)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/402
CVE-2021-46782
RESERVED
@@ -14471,6 +14473,8 @@ CVE-2022-23608 (PJSIP is a free and open source multimedia communication library
CVE-2022-23607 (treq is an HTTP library inspired by requests but written on top of Twi ...)
{DLA-2954-1}
- python-treq <unfixed> (bug #1005041)
+ [bullseye] - python-treq <no-dsa> (Minor issue)
+ [buster] - python-treq <no-dsa> (Minor issue)
NOTE: https://github.com/twisted/treq/security/advisories/GHSA-fhpf-pp6p-55qc
NOTE: https://github.com/twisted/treq/commit/1da6022cc880bbcff59321abe02bf8498b89efb2 (release-22.1.0)
CVE-2022-23606 (Envoy is an open source edge and service proxy, designed for cloud-nat ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -32,11 +32,15 @@ ndpi/oldstable
--
nodejs (jmm)
--
+puma
+--
python-pysaml2 (jmm)
--
rpki-client/stable
new 7.6 release required libretls, which isn't in Bullseye
--
+salt
+--
sox
--
trafficserver (jmm)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd09e673a7b367bc82a13297a8a648b4c583c285
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd09e673a7b367bc82a13297a8a648b4c583c285
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220404/0aeb0872/attachment.htm>
More information about the debian-security-tracker-commits
mailing list