[Git][security-tracker-team/security-tracker][master] 2 commits: Added android-platform-system-core to dla-needed with a note that it can be...

Ola Lundqvist (@opal) opal at debian.org
Wed Nov 2 21:45:43 GMT 2022 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
829927b2 by Ola Lundqvist at 2022-11-02T22:45:17+01:00
Added android-platform-system-core to dla-needed with a note that it can be considered for ignoring if the Debian Security team see the CVEs as minor issues. It is a non-trivial decision.

- - - - -
d2f6ceed by Ola Lundqvist at 2022-11-02T22:45:18+01:00
Added ruby-rails-html-sanitizer to dla-needed.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -12,6 +12,11 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 To make it easier to see the entire history of an update, please append notes
 rather than remove/replace existing ones.
 
+--
+android-platform-system-core
+  NOTE: 20221102: Programming language: C++.
+  NOTE: 20221102: The package in buster is likely affected but since no known fix is available it is hard to tell without running the proof of concept code.
+  NOTE: 20221102: Consider ignoring this if Debian Security team see the CVEs as minor.
 --
 asterisk (Markus Koschany)
   NOTE: 20220810: Programming language: C.
@@ -231,6 +236,10 @@ rainloop
   NOTE: 20220913: also there's an unofficial one for CVE-2022-29360;
   NOTE: 20220913: Evaluate the situation and decide whether we should support or EOL this package (Beuc/front-desk)
 --
+ruby-rails-html-sanitizer
+  NOTE: 20221102: Programming language: Ruby.
+  NOTE: 20221102: VCS: https://salsa.debian.org/lts-team/packages/ruby-rails-html-sanitizer.git
+--
 runc
   NOTE: 20220905: Programming language: Go.
   NOTE: 20220905: Special attention: Sync with Bullseye.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6c385a07b44db6c5f05f8e9699d5a4e4777e2136...d2f6ceedab006305b112ab87698b9e09243f3187

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6c385a07b44db6c5f05f8e9699d5a4e4777e2136...d2f6ceedab006305b112ab87698b9e09243f3187
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221102/d36e9d1a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list