[Git][security-tracker-team/security-tracker][master] Reserve DLA-3209-1 for ini4j

[Markus Koschany (@apo)]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9dc57b5b by Markus Koschany at 2022-11-28T11:08:10+01:00
Reserve DLA-3209-1 for ini4j

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Nov 2022] DLA-3209-1 ini4j - security update
+	{CVE-2022-41404}
+	[buster] - ini4j 0.5.4-1~deb10u1
 [27 Nov 2022] DLA-3208-1 varnish - security update
 	{CVE-2020-11653 CVE-2022-45060}
 	[buster] - varnish 6.1.1-1+deb10u4


=====================================
data/dla-needed.txt
=====================================
@@ -89,10 +89,6 @@ imagemagick (Roberto C. Sánchez)
   NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git
   NOTE: 20220904: Should be synced with Stretch. (apo)
 --
-ini4j (Markus Koschany)
-  NOTE: 20221012: Programming language: Java.
-  NOTE: 20221012: Require investigation (lamby)
---
 jhead (Markus Koschany)
   NOTE: 20221031: Programming language: C.
   NOTE: 20221031: Note that multiple options are vulnerable. The attacker have to trick someone to execute the command but arbitrary code exectuion is not good..



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dc57b5b6216f8efc8485acaacfea76543a45aa3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dc57b5b6216f8efc8485acaacfea76543a45aa3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221128/61e829b3/attachment.htm>