[Git][security-tracker-team/security-tracker][master] triage cgal and issue DLA-3226-1

Tue Dec 6 11:45:06 GMT 2022


Helmut Grohne pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3eaeb81f by Helmut Grohne at 2022-12-06T12:43:53+01:00
triage cgal and issue DLA-3226-1

All of the TALOS-2020-1225 vulnerabilities are fixed in the same PR.
While identifying individual commits is possible, the individual patches
are incomplete and need fixes, so it is better to use the whole PR. I've
noted the merge commit for each CVE.

In one instance, the TALOS report was inaccurate and I've added a note.

DLA-2649-1 actually did the right thing and applied the whole PR. As
such, it actually did fix all of the issues. We cannot change this
aspect in the elts tracker. Thus doing here.

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -142100,44 +142100,48 @@ CVE-2020-35637
 CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35635 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35634 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35633 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35632 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35631 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35630 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35629 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2021-21433 (Discord Recon Server is a bot that allows you to do your reconnaissanc ...)
 	NOT-FOR-US: Discord Recon Server
 CVE-2021-21432 (Vela is a Pipeline Automation (CI/CD) framework built on Linux contain ...)
@@ -152568,149 +152572,184 @@ CVE-2020-28637
 CVE-2020-28636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28635 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28634 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28633 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28632 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28631 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28630 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28629 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28628 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28627 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28626 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28625 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28624 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28623 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28622 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28621 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28620 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28619 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28618 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28617 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28616 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28615 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28614 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28613 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28612 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28611 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28610 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28609 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: The code snippet in the TALOS report marks the wrong line. The description hints 4 lines earlier.
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28608 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28607 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28606 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28605 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28604 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28603 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28602 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
+	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28601 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
 	{DLA-2649-1}
 	- cgal 5.2-3 (bug #985671)
-	[buster] - cgal <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
+	NOTE: fixup https://github.com/CGAL/cgal/commit/2e592e0027b2d85680273425161581655f4677fd
 CVE-2020-28600 (An out-of-bounds write vulnerability exists in the import_stl.cc:impor ...)
 	- openscad 2021.01-1 (bug #996020)
 	[buster] - openscad 2019.01~RC2-2+deb10u1


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Dec 2022] DLA-3226-1 cgal - security update
+	{CVE-2020-28601 CVE-2020-28602 CVE-2020-28603 CVE-2020-28604 CVE-2020-28605 CVE-2020-28606 CVE-2020-28607 CVE-2020-28608 CVE-2020-28609 CVE-2020-28610 CVE-2020-28611 CVE-2020-28612 CVE-2020-28613 CVE-2020-28614 CVE-2020-28615 CVE-2020-28616 CVE-2020-28617 CVE-2020-28618 CVE-2020-28619 CVE-2020-28620 CVE-2020-28621 CVE-2020-28622 CVE-2020-28623 CVE-2020-28624 CVE-2020-28625 CVE-2020-28626 CVE-2020-28627 CVE-2020-28628 CVE-2020-28629 CVE-2020-28630 CVE-2020-28631 CVE-2020-28632 CVE-2020-28633 CVE-2020-28634 CVE-2020-28635 CVE-2020-28636 CVE-2020-35628 CVE-2020-35629 CVE-2020-35630 CVE-2020-35631 CVE-2020-35632 CVE-2020-35633 CVE-2020-35634 CVE-2020-35635 CVE-2020-35636}
+	[buster] - cgal 4.13-1+deb10u1
 [05 Dec 2022] DLA-3225-1 awstats - security update
 	{CVE-2022-46391}
 	[buster] - awstats 7.6+dfsg-2+deb10u2
@@ -1736,7 +1739,7 @@
 	{CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28017 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026}
 	[stretch] - exim4 4.89-2+deb9u8
 [04 May 2021] DLA-2649-1 cgal - security update
-	{CVE-2020-28601 CVE-2020-35633 CVE-2020-35634 CVE-2020-35635 CVE-2020-28636 CVE-2020-35628 CVE-2020-35636}
+	{CVE-2020-28601 CVE-2020-28602 CVE-2020-28603 CVE-2020-28604 CVE-2020-28605 CVE-2020-28606 CVE-2020-28607 CVE-2020-28608 CVE-2020-28609 CVE-2020-28610 CVE-2020-28611 CVE-2020-28612 CVE-2020-28613 CVE-2020-28614 CVE-2020-28615 CVE-2020-28616 CVE-2020-28617 CVE-2020-28618 CVE-2020-28619 CVE-2020-28620 CVE-2020-28621 CVE-2020-28622 CVE-2020-28623 CVE-2020-28624 CVE-2020-28625 CVE-2020-28626 CVE-2020-28627 CVE-2020-28628 CVE-2020-28629 CVE-2020-28630 CVE-2020-28631 CVE-2020-28632 CVE-2020-28633 CVE-2020-28634 CVE-2020-28635 CVE-2020-28636 CVE-2020-35628 CVE-2020-35629 CVE-2020-35630 CVE-2020-35631 CVE-2020-35632 CVE-2020-35633 CVE-2020-35634 CVE-2020-35635 CVE-2020-35636}
 	[stretch] - cgal 4.9-1+deb9u1
 [05 May 2021] DLA-2648-1 mediawiki - security update
 	{CVE-2021-20270 CVE-2021-27291 CVE-2021-30152 CVE-2021-30155 CVE-2021-30158 CVE-2021-30159}


=====================================
data/dla-needed.txt
=====================================
@@ -21,8 +21,6 @@ ceph
   NOTE: 20221130: Can someone take care of it in Buster? I'm currently building the Bullseye backport of the fix...
   NOTE: 20221130: https://lists.debian.org/debian-lts/2022/11/msg00025.html  (zigo/maintainer)
 --
-cgal (Helmut Grohne)
---
 consul
   NOTE: 20221031: Programming language: Go.
   NOTE: 20221031: Concluded that the package should be fixed by the CVE description. Source code not analyzed in detail.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eaeb81fbc12df7045fae0382d98e9f0fcc0cc35

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eaeb81fbc12df7045fae0382d98e9f0fcc0cc35
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221206/06d113ec/attachment-0001.htm>
