[Git][security-tracker-team/security-tracker][master] ATS DSA

Mon May 30 18:54:16 BST 2022


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5259d87a by Moritz Mühlenhoff at 2022-05-30T19:53:50+02:00
ATS DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[30 May 2022] DSA-5153-1 trafficserver - security update
+	{CVE-2021-37147 CVE-2021-37148 CVE-2021-37149 CVE-2021-38161 CVE-2021-44040 CVE-2021-44759}
+	[buster] - trafficserver 8.0.2+ds-1+deb10u6
+	[bullseye] - trafficserver 8.1.1+ds-1.1+deb11u1
 [30 May 2022] DSA-5152-1 spip - security update
 	[buster] - spip 3.2.4-1+deb10u8
 	[bullseye] - spip 3.2.11-3+deb11u4


=====================================
data/dsa-needed.txt
=====================================
@@ -53,10 +53,6 @@ spi (seb)
 --
 thunderbird (jmm)
 --
-trafficserver (jmm)
-  wait until status for CVE-2021-38161 is clarified (upstream patch got reverted)
-  Maintainer prepared debdiffs for review for a set of CVEs
---
 unzip
   unclear information, initial report indicates writable memory corruption, but
   some identified patch is just for a NULL deref, needs more clarification



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5259d87a4de429c86626a40e32656a0144c64a72

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5259d87a4de429c86626a40e32656a0144c64a72
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220530/57bafe2a/attachment-0001.htm>
