[Git][security-tracker-team/security-tracker][master] 3 commits: add maven-shared-utils

Sun Jun 5 23:34:47 BST 2022


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e47085ad by Thorsten Alteholz at 2022-06-06T00:20:39+02:00
add maven-shared-utils

- - - - -
0a32d595 by Thorsten Alteholz at 2022-06-06T00:31:09+02:00
mark CVE-2022-30629 as not-affected for Stretch

- - - - -
87910bf6 by Thorsten Alteholz at 2022-06-06T00:34:08+02:00
update note

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4556,7 +4556,9 @@ CVE-2022-30629
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <removed>
+	[stretch] - golang-1.8 <not-affected> (Vulnerable code - TLS1.3 - introduced later)
 	- golang-1.7 <removed>
+	[stretch] - golang-1.7 <not-affected> (Vulnerable code - TLS1.3 - introduced later)
 	NOTE: https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg
 	NOTE: https://go.dev/issue/52814
 	NOTE: https://github.com/golang/go/commit/c838098c327a1b6d63446f4722e943b02d235d78 (go1.18.3)


=====================================
data/dla-needed.txt
=====================================
@@ -1,4 +1,4 @@
-An LTS security update is needed for the following source packages.
+A1n LTS security update is needed for the following source packages.
 When you add a new entry, please keep the list alphabetically sorted.
 
 The specific CVE IDs do not need to be listed, they can be gathered in an up-to-date manner from
@@ -147,7 +147,7 @@ librecad (Chris Lamb)
 --
 libvirt (Thorsten Alteholz)
   NOTE: 20220529: Programming language: C.
-  NOTE: 20220522: testing package
+  NOTE: 20220606: testing package
 --
 linux (Ben Hutchings)
   NOTE: 20220529: Programming language: C.
@@ -168,6 +168,9 @@ mariadb-10.1
   NOTE: 20220529: Programming language: C.
   NOTE: 20220222: Can be risky. Please consider backporting mariadb-10.3. See discussion https://lists.debian.org/debian-lts/2022/02/msg00005.html and coordinate with maintainer (Anton)
 --
+maven-shared-utils
+  NOTE: 20220606: Programming language: Java.
+--
 mbedtls (Utkarsh)
   NOTE: 20220529: Programming language: C.
   NOTE: 20220404: update prepared, needs testing. (utkarsh)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2b51fafd6f5baeb615b5a991a46cf9f0ee30b25f...87910bf69cfc929611cbba1933f8a5878d4a6c65

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2b51fafd6f5baeb615b5a991a46cf9f0ee30b25f...87910bf69cfc929611cbba1933f8a5878d4a6c65
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220605/5eb8bc09/attachment-0001.htm>
