[Git][security-tracker-team/security-tracker][master] Reserve DLA-3190-2 for grub2

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac867ab6 by Salvatore Bonaccorso at 2022-12-10T09:16:10+01:00
Reserve DLA-3190-2 for grub2

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[10 Dec 2022] DLA-3190-2 grub2 - security update
+	{CVE-2022-2601 CVE-2022-3775}
+	[buster] - grub2 2.06-3~deb10u3
 [08 Dec 2022] DLA-3233-1 leptonlib - security update
 	{CVE-2022-38266}
 	[buster] - leptonlib 1.76.0-1+deb10u2


=====================================
data/dla-needed.txt
=====================================
@@ -84,11 +84,6 @@ golang-websocket
   NOTE: 20220915: 1 CVE fixed in stretch and bullseye (golang-github-gorilla-websocket) (Beuc/front-desk)
   NOTE: 20220915: Special attention: limited support; requires rebuilding reverse dependencies
 --
-grub2 (Salvatore Bonaccorso, Steve McIntyre)
-  NOTE: 20221208: Programming language: C.
-  NOTE: 20221208: Incorrectly/not-applied applied in DLA-3190-1
-  NOTE: 20221209: VCS: https://salsa.debian.org/lts-team/packages/grub.git
---
 hsqldb (Markus Koschany)
   NOTE: 20221031: Programming language: Java.
   NOTE: 20221031: To be investigated further. A possible outcome is to ignore it.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac867ab649033497545b92348b8496fd227936c7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac867ab649033497545b92348b8496fd227936c7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221210/9f0b88a3/attachment-0001.htm>