[Git][security-tracker-team/security-tracker][master] Mark CVE-2021-39214, CVE-2021-39214 as ignored for stretch. Lot
Abhijith PA (@abhijith)
abhijith at debian.org
Thu Apr 28 08:03:42 BST 2022
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
64ce5505 by Abhijith PA at 2022-04-28T12:32:50+05:30
Mark CVE-2021-39214, CVE-2021-39214 as ignored for stretch. Lot
of code refactoring done in later versions making hard to backport.
Partial fix can be done but not worth the effort.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -14072,6 +14072,7 @@ CVE-2022-24766 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy.
- mitmproxy <unfixed> (bug #1008948)
[bullseye] - mitmproxy <no-dsa> (Minor issue)
[buster] - mitmproxy <no-dsa> (Minor issue)
+ [stretch] - mitmproxy <ignored> (Minor issue, intrusive to backport)
NOTE: https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-gcx2-gvj7-pxv3
NOTE: https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b (v8.0.0)
CVE-2022-24765 (Git for Windows is a fork of Git containing Windows-specific patches. ...)
@@ -45770,7 +45771,7 @@ CVE-2021-39214 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy.
- mitmproxy <unfixed> (bug #994570)
[bullseye] - mitmproxy <no-dsa> (Minor issue)
[buster] - mitmproxy <no-dsa> (Minor issue)
- [stretch] - mitmproxy <no-dsa> (Minor issue)
+ [stretch] - mitmproxy <ignored> (Minor issue, intrusive to backport)
NOTE: https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38
CVE-2021-39213 (GLPI is a free Asset and IT management software package. Starting in v ...)
- glpi <removed> (unimportant)
=====================================
data/dla-needed.txt
=====================================
@@ -112,8 +112,6 @@ mbedtls (Utkarsh)
NOTE: 20220404: update prepared, needs testing. (utkarsh)
NOTE: 20220419: waiting for a quick feedback from carnil. (utkarsh)
--
-mitmproxy
---
mruby
--
mutt (Utkarsh)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64ce55053ebfc2eecc47d764ebc8e15976d4eca0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64ce55053ebfc2eecc47d764ebc8e15976d4eca0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220428/63b3c346/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list