[Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage ghostscript for stretch LTS (CVE-2021-45944 & CVE-2021-45949)

Chris Lamb (@lamby) lamby at debian.org
Mon Jan 3 16:26:13 GMT 2022 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e71f99b7 by Chris Lamb at 2022-01-03T16:22:25+00:00
data/dla-needed.txt: Triage ghostscript for stretch LTS (CVE-2021-45944 & CVE-2021-45949)

- - - - -
7650692a by Chris Lamb at 2022-01-03T16:22:45+00:00
Triage CVE-2021-43854 in nltk for stretch LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -6979,6 +6979,7 @@ CVE-2021-43854 (NLTK (Natural Language Toolkit) is a suite of open source Python
 	- nltk <unfixed> (bug #1002623)
 	[bullseye] - nltk <no-dsa> (Minor issue)
 	[buster] - nltk <no-dsa> (Minor issue)
+	[stretch] - nltk <no-dsa> (Minor issue)
 	NOTE: https://github.com/nltk/nltk/security/advisories/GHSA-f8m6-h2c7-8h9x
 	NOTE: https://github.com/nltk/nltk/issues/2866
 	NOTE: https://github.com/nltk/nltk/pull/2869


=====================================
data/dla-needed.txt
=====================================
@@ -45,6 +45,8 @@ firmware-nonfree (Markus Koschany)
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag
   NOTE: 20211207: Intend to release this week.
 --
+ghostscript
+--
 gpac (Roberto C. Sánchez)
   NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto)
   NOTE: 20211120: received OK from secteam for buster update, working on stretch/buster in parallel (roberto)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/35d25521bbd30e038df081a17c1cde6db6843e8e...7650692ae803f7735e3cdfa47eab5dae2e088667

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/35d25521bbd30e038df081a17c1cde6db6843e8e...7650692ae803f7735e3cdfa47eab5dae2e088667
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220103/c36ff73f/attachment.htm>

More information about the debian-security-tracker-commits mailing list