[Git][security-tracker-team/security-tracker][master] 2 commits: Claim ini4j in dla-needed.txt
Markus Koschany (@apo)
apo at debian.org
Sun Nov 27 22:29:07 GMT 2022
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02490bd0 by Markus Koschany at 2022-11-27T23:27:51+01:00
Claim ini4j in dla-needed.txt
- - - - -
3f7f5edd by Markus Koschany at 2022-11-27T23:28:52+01:00
Reserve DLA-3208-1 for varnish
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -194003,7 +194003,6 @@ CVE-2020-11654
RESERVED
CVE-2020-11653 (An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6 ...)
- varnish 6.4.0-1 (bug #956307)
- [buster] - varnish <postponed> (Can be fixed along in next DSA)
[stretch] - varnish <not-affected> (Only affects 6.x)
[jessie] - varnish <not-affected> (Only affects 6.x)
NOTE: https://varnish-cache.org/security/VSV00005.html#vsv00005
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Nov 2022] DLA-3208-1 varnish - security update
+ {CVE-2020-11653 CVE-2022-45060}
+ [buster] - varnish 6.1.1-1+deb10u4
[27 Nov 2022] DLA-3207-1 jackson-databind - security update
{CVE-2020-36518 CVE-2022-42003 CVE-2022-42004}
[buster] - jackson-databind 2.9.8-3+deb10u4
=====================================
data/dla-needed.txt
=====================================
@@ -89,7 +89,7 @@ imagemagick (Roberto C. Sánchez)
NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git
NOTE: 20220904: Should be synced with Stretch. (apo)
--
-ini4j
+ini4j (Markus Koschany)
NOTE: 20221012: Programming language: Java.
NOTE: 20221012: Require investigation (lamby)
--
@@ -331,10 +331,6 @@ trafficserver
twisted (Dominik George)
NOTE: 20221030: Programming language: Python.
--
-varnish (Markus Koschany)
- NOTE: 20221109: Programming language: C.
- NOTE: 20221109: First DLA, 3 minor CVEs to fix (Beuc/front-desk)
---
virglrenderer (Thorsten Alteholz)
NOTE: 20221009: Programming language: C.
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1af13e3376f0932c4781fd9a7241373b91e149e8...3f7f5edd18002d34426498de0b7eb14a7e3506da
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1af13e3376f0932c4781fd9a7241373b91e149e8...3f7f5edd18002d34426498de0b7eb14a7e3506da
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221127/815b0f8f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list