[Git][security-tracker-team/security-tracker][master] sleuthkit DLA

Mon Jun 20 14:18:28 BST 2022


Andreas Rönnquist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3bd4b37 by Andreas Rönnquist at 2022-06-20T15:17:45+02:00
sleuthkit DLA

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -162471,7 +162471,6 @@ CVE-2020-10232 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a
 	{DLA-2137-1}
 	- sleuthkit 4.9.0+dfsg-2 (low; bug #953976)
 	[buster] - sleuthkit 4.6.5-1+deb10u1
-	[stretch] - sleuthkit <no-dsa> (Minor issue)
 	NOTE: https://github.com/sleuthkit/sleuthkit/issues/1836
 	NOTE: https://github.com/sleuthkit/sleuthkit/commit/459ae818fc8dae717549810150de4d191ce158f1
 CVE-2020-10231 (TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_17 ...)
@@ -245596,7 +245595,6 @@ CVE-2018-19498 (The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server
 CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs. ...)
 	{DLA-1610-1}
 	- sleuthkit 4.6.5-1 (low; bug #914796)
-	[stretch] - sleuthkit <no-dsa> (Minor issue)
 	NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374
 	NOTE: https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d
 CVE-2018-19496 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 Jun 2022] DLA-3054-1 sleuthkit - security update
+	{CVE-2017-13755 CVE-2017-13756 CVE-2017-13760 CVE-2018-19497 CVE-2020-10232 CVE-2020-1010065}
+	[stretch] - sleuthkit 4.4.0-5+deb9u1
 [20 Jun 2022] DLA-3053-1 vim - security update
 	{CVE-2021-3903 CVE-2022-0417 CVE-2022-0943 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2124 CVE-2022-2126}
 	[stretch] - vim 2:8.0.0197-4+deb9u7


=====================================
data/dla-needed.txt
=====================================
@@ -284,10 +284,6 @@ samba
   NOTE: 20220110: fix applied, but will need a second opinion. (utkarsh)
   NOTE: 20220125: ftbfs, wip. (utkarsh)
 --
-sleuthkit (Andreas Rönnquist)
-  NOTE: 20220529: Programming language: C++.
-  NOTE: 20220524: Follow buster: harmonize with with Debian 10.0 and 10.7 (2 CVEs) (Beuc/front-desk)
---
 slurm-llnl
   NOTE: 20220529: Programming language: C.
   NOTE: 20220516: Checking the code it looks like the patches will apply so the code is clearly vulnerable.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3bd4b37f84b07fad8e69d2ae03b9b2a47802762

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3bd4b37f84b07fad8e69d2ae03b9b2a47802762
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220620/aa3fa49f/attachment-0001.htm>
