[Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo

Sylvain Beucler (@beuc) beuc at debian.org
Sat May 28 10:26:03 BST 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b5981190 by Sylvain Beucler at 2022-05-28T11:24:24+02:00
Fix typo

- - - - -
75260e87 by Sylvain Beucler at 2022-05-28T11:24:24+02:00
dla: add pyjwt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3218,9 +3218,9 @@ CVE-2022-30596 (A flaw was found in moodle where ID numbers displayed when bulk
 	- moodle <removed>
 CVE-2022-30595 (libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow i ...)
 	- pillow 9.1.1-1
-	[bullseye] - pillow <not-affected> (Vulnerable code introduce later)
-	[buster] - pillow <not-affected> (Vulnerable code introduce later)
-	[stretch] - pillow <not-affected> (Vulnerable code introduce later)
+	[bullseye] - pillow <not-affected> (Vulnerable code introduced later)
+	[buster] - pillow <not-affected> (Vulnerable code introduced later)
+	[stretch] - pillow <not-affected> (Vulnerable code introduced later)
 	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.1.1.html#security
 	NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/0d729941a89af9e00d9d01d14ec144ab358410cd (9.1.0)
 	NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/c846cc881ebe34e3518412c2e3636433d9947280 (9.1.1)


=====================================
data/dla-needed.txt
=====================================
@@ -203,6 +203,8 @@ postgresql-9.6
 puppet-module-puppetlabs-firewall
   NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc/front-desk)
 --
+pyjwt
+--
 qemu
   NOTE: 20220527: a few new CVEs since last DLA, and buster got no updates since 2 years,
   NOTE: 20220527: so maybe coordinate to start anticipating the next LTS (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7317e706a5c229fc2d7d71d017c1a7ec7613e233...75260e87915afc9d4235d60acaa020b51e29f215

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7317e706a5c229fc2d7d71d017c1a7ec7613e233...75260e87915afc9d4235d60acaa020b51e29f215
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220528/a3332a6a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list