[Git][security-tracker-team/security-tracker][master] Reserve DLA-3681-1 for amanda
Tobias Frost (@tobi)
tobi at debian.org
Sun Dec 3 09:45:30 GMT 2023
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ad87ff39 by Tobias Frost at 2023-12-03T10:45:09+01:00
Reserve DLA-3681-1 for amanda
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -91381,7 +91381,6 @@ CVE-2022-37706 (enlightenment_sys in Enlightenment before 0.25.4 allows local us
CVE-2022-37705 (A privilege escalation flaw was found in Amanda 3.5.1 in which the bac ...)
- amanda 1:3.5.1-10 (bug #1029829)
[bullseye] - amanda <no-dsa> (Minor issue)
- [buster] - amanda <no-dsa> (Minor issue)
NOTE: https://github.com/MaherAzzouzi/CVE-2022-37705
NOTE: https://github.com/zmanda/amanda/issues/192
NOTE: https://marc.info/?l=amanda-hackers&m=167437716918603&w=2
@@ -91400,7 +91399,6 @@ CVE-2022-37704 (Amanda 3.5.1 allows privilege escalation from the regular user b
CVE-2022-37703 (In Amanda 3.5.1, an information leak vulnerability was found in the ca ...)
- amanda 1:3.5.1-10 (bug #1021017)
[bullseye] - amanda <no-dsa> (Minor issue)
- [buster] - amanda <no-dsa> (Minor issue)
NOTE: https://github.com/MaherAzzouzi/CVE-2022-37703
NOTE: https://github.com/zmanda/amanda/issues/192
NOTE: https://github.com/zmanda/amanda/pull/198
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Dec 2023] DLA-3681-1 amanda - security update
+ {CVE-2022-37703 CVE-2022-37705 CVE-2023-30577}
+ [buster] - amanda 1:3.5.1-2+deb10u2
[03 Dec 2023] DLA-3680-1 opendkim - security update
{CVE-2022-48521}
[buster] - opendkim 2.11.0~alpha-12+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -20,9 +20,6 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
To make it easier to see the entire history of an update, please append notes
rather than remove/replace existing ones.
---
-amanda (tobi)
- NOTE: 20230730: Added by Front-Desk (apo)
--
ansible
NOTE: 20231202: Added by Front-Desk (Beuc)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad87ff395b6f6ef97070cd9d94b344de2127586f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad87ff395b6f6ef97070cd9d94b344de2127586f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231203/70b3f6f4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list