[Git][security-tracker-team/security-tracker][master] Reserve DLA-3193-1 for joblib

[Dominik George (@natureshadow)]

Dominik George pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbb8486e by Dominik George at 2022-11-17T11:37:28+01:00
Reserve DLA-3193-1 for joblib

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[17 Nov 2022] DLA-3193-1 joblib - security update
+	{CVE-2022-21797}
+	[buster] - joblib 0.13.0-2+deb10u1
 [17 Nov 2022] DLA-3192-1 lava - security update
 	{CVE-2022-42902}
 	[buster] - lava 2019.01-5+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -114,9 +114,6 @@ jhead
   NOTE: 20221031: Note that multiple options are vulnerable. The attacker have to trick someone to execute the command but arbitrary code exectuion is not good..
   NOTE: 20221031: It should be stated in the DLA that multiple options are affected..
 --
-joblib (Dominik George)
-  NOTE: 20221006: Programming language: Python.
---
 jqueryui
   NOTE: 20221111: Programming language: JavaScript.
   NOTE: 20221111: Follow fixes from bullseye 11.2 (and jessie/elts) (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbb8486e374a58925340fc83d6fe8106e1e25800

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbb8486e374a58925340fc83d6fe8106e1e25800
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221117/6a6801db/attachment.htm>