[Git][security-tracker-team/security-tracker][master] CVE-2022-0217/prosody: stretch ignored
Sylvain Beucler (@beuc)
beuc at debian.org
Mon Jan 24 19:45:24 GMT 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21e1e796 by Sylvain Beucler at 2022-01-24T20:45:03+01:00
CVE-2022-0217/prosody: stretch ignored
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2108,6 +2108,7 @@ CVE-2022-0217 [Unauthenticated Remote Denial of Service Attack in the WebSocket
RESERVED
{DSA-5047-1}
- prosody 0.11.12-1 (bug #1003696)
+ [stretch] - prosody <ignored> (websocket module introduced in 0.10.0; internal XML API only used on trusted data)
NOTE: https://prosody.im/security/advisory_20220113/
NOTE: Patch: https://prosody.im/security/advisory_20220113/1.patch
NOTE: https://hg.prosody.im/0.11/raw-rev/783056b4e448
=====================================
data/dla-needed.txt
=====================================
@@ -86,9 +86,6 @@ pgbouncer (Christoph Berg)
pjproject
NOTE: 20211230: patch available for the no-dsa issue, check its NOTE (pochu)
--
-prosody (Sylvain Beucler)
- NOTE: 20220114: upcoming DSA (Beuc)
---
python2.7 (Anton)
NOTE: 20220112: 3 postponed CVEs (Beuc)
NOTE: 20220124: WIP
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e1e796f17787d599bccadca7e9c92b6b056aa1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e1e796f17787d599bccadca7e9c92b6b056aa1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220124/f3659526/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list