[Git][security-tracker-team/security-tracker][master] Reserve DLA-3062-1 for ublock-origin

Markus Koschany (@apo) apo at debian.org
Wed Jun 29 21:57:24 BST 2022 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
78b77604 by Markus Koschany at 2022-06-29T22:57:14+02:00
Reserve DLA-3062-1 for ublock-origin

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -66383,7 +66383,6 @@ CVE-2021-36773 (uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an
 	- ublock-origin 1.37.0+dfsg-1 (bug #991386)
 	[bullseye] - ublock-origin 1.37.0+dfsg-1~deb11u1
 	[buster] - ublock-origin 1.37.0+dfsg-1~deb10u1
-	[stretch] - ublock-origin <no-dsa> (Minor issue)
 	- umatrix <unfixed> (bug #991344)
 	[buster] - umatrix <no-dsa> (Minor issue)
 	NOTE: https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Jun 2022] DLA-3062-1 ublock-origin - security update
+	{CVE-2021-36773}
+	[stretch] - ublock-origin 1.42.0+dfsg-1~deb9u1
 [29 Jun 2022] DLA-3061-1 firejail - security update
 	{CVE-2022-31214}
 	[stretch] - firejail 0.9.58.2-2+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -303,11 +303,6 @@ tiff
   NOTE: 20220513: more CVEs, ugh. Probably will consider rolling out the ones
   NOTE: 20220513: that are already applied and tested and re-add tiff here. (utkarsh)
 --
-ublock-origin (Markus Koschany)
-  NOTE: 20220529: Programming language: JavaScript.
-  NOTE: 20220524: Follow buster: harmonize with with Debian 10.11 (1 CVE) (Beuc/front-desk)
-  NOTE: 20220627: New version currently in NEW. (apo)
---
 unzip
   NOTE: 20220529: Programming language: C.
   NOTE: 20220319: no patches yet but reproducible (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78b7760470cb2c92f94f36de61aa5c48717b9611

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78b7760470cb2c92f94f36de61aa5c48717b9611
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220629/6fc3d7c2/attachment.htm>

More information about the debian-security-tracker-commits mailing list