[Git][security-tracker-team/security-tracker][master] waitress, openssl DSAs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue May 17 19:59:10 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d56205b6 by Moritz Mühlenhoff at 2022-05-17T20:58:25+02:00
waitress, openssl DSAs
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -187039,7 +187039,8 @@ CVE-2019-16793
CVE-2019-16792 (Waitress through version 1.3.1 allows request smuggling by sending the ...)
{DLA-3000-1}
- waitress 1.4.1-1
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6
NOTE: https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65
@@ -187051,7 +187052,8 @@ CVE-2019-16790 (In Tiny File Manager before 2.3.9, there is a remote code execut
CVE-2019-16789 (In Waitress through version 1.4.0, if a proxy server is used in front ...)
{DLA-3000-1 DLA-2056-1}
- waitress 1.4.1-1 (bug #947433)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4
NOTE: https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017
CVE-2019-16788
@@ -187059,14 +187061,16 @@ CVE-2019-16788
CVE-2019-16786 (Waitress through version 1.3.1 would parse the Transfer-Encoding heade ...)
{DLA-3000-1}
- waitress 1.4.1-1 (bug #947306)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
NOTE: https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 ...)
{DLA-3000-1}
- waitress 1.4.1-1 (bug #947306)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
NOTE: https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,11 @@
+[17 May 2022] DSA-5139-1 openssl - security update
+ {CVE-2022-1292}
+ [buster] - openssl 1.1.1n-0+deb10u2
+ [bullseye] - openssl 1.1.1n-0+deb11u2
+[17 May 2022] DSA-5138-1 waitress - security update
+ {CVE-2022-24761}
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [bullseye] - waitress 1.4.4-1.1+deb11u1
[17 May 2022] DSA-5137-1 needrestart - security update
{CVE-2022-30688}
[buster] - needrestart 3.4-5+deb10u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56205b69af24bb4598b926d4444ee50d9121085
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56205b69af24bb4598b926d4444ee50d9121085
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220517/9f538ba4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list