[Git][security-tracker-team/security-tracker][master] Reserve DLA-3115-1 for e17
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Mon Sep 19 11:41:17 BST 2022
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
12863832 by Emilio Pozuelo Monfort at 2022-09-19T12:41:03+02:00
Reserve DLA-3115-1 for e17
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[19 Sep 2022] DLA-3115-1 e17 - security update
+ {CVE-2022-37706}
+ [buster] - e17 0.22.4-2+deb10u1
[16 Sep 2022] DLA-3114-1 mariadb-10.3 - security update
{CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27445 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27452 CVE-2022-27456 CVE-2022-27458 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32087 CVE-2022-32088 CVE-2022-32091}
[buster] - mariadb-10.3 1:10.3.36-0+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -32,10 +32,6 @@ dovecot
NOTE: 20220913: VCS: https://salsa.debian.org/lts-team/packages/dovecot.git
NOTE: 20220913: Harmonize with bullseye: 1 CVE fixed in Debian 11.5 + 2 other postponed CVEs (Beuc/front-desk)
--
-e17 (Emilio)
- NOTE: 20220917: Programming language: C.
- NOTE: 20220917: upcoming DSA, 0-day any->root local escalation exploit (Beuc/front-desk)
---
exiv2 (Roberto C. Sánchez)
NOTE: 20220819: Programming language: C++.
NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128638323771fb9a62cbbbe69b757620c102e71e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128638323771fb9a62cbbbe69b757620c102e71e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220919/ac1689f7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list