[Git][security-tracker-team/security-tracker][master] Reserve DLA-3681-1 for amanda

Sun Dec 3 09:45:30 GMT 2023


Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad87ff39 by Tobias Frost at 2023-12-03T10:45:09+01:00
Reserve DLA-3681-1 for amanda

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -91381,7 +91381,6 @@ CVE-2022-37706 (enlightenment_sys in Enlightenment before 0.25.4 allows local us
 CVE-2022-37705 (A privilege escalation flaw was found in Amanda 3.5.1 in which the bac ...)
 	- amanda 1:3.5.1-10 (bug #1029829)
 	[bullseye] - amanda <no-dsa> (Minor issue)
-	[buster] - amanda <no-dsa> (Minor issue)
 	NOTE: https://github.com/MaherAzzouzi/CVE-2022-37705
 	NOTE: https://github.com/zmanda/amanda/issues/192
 	NOTE: https://marc.info/?l=amanda-hackers&m=167437716918603&w=2
@@ -91400,7 +91399,6 @@ CVE-2022-37704 (Amanda 3.5.1 allows privilege escalation from the regular user b
 CVE-2022-37703 (In Amanda 3.5.1, an information leak vulnerability was found in the ca ...)
 	- amanda 1:3.5.1-10 (bug #1021017)
 	[bullseye] - amanda <no-dsa> (Minor issue)
-	[buster] - amanda <no-dsa> (Minor issue)
 	NOTE: https://github.com/MaherAzzouzi/CVE-2022-37703
 	NOTE: https://github.com/zmanda/amanda/issues/192
 	NOTE: https://github.com/zmanda/amanda/pull/198


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Dec 2023] DLA-3681-1 amanda - security update
+	{CVE-2022-37703 CVE-2022-37705 CVE-2023-30577}
+	[buster] - amanda 1:3.5.1-2+deb10u2
 [03 Dec 2023] DLA-3680-1 opendkim - security update
 	{CVE-2022-48521}
 	[buster] - opendkim 2.11.0~alpha-12+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -20,9 +20,6 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 To make it easier to see the entire history of an update, please append notes
 rather than remove/replace existing ones.
 
---
-amanda (tobi)
-  NOTE: 20230730: Added by Front-Desk (apo)
 --
 ansible
   NOTE: 20231202: Added by Front-Desk (Beuc)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad87ff395b6f6ef97070cd9d94b344de2127586f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad87ff395b6f6ef97070cd9d94b344de2127586f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231203/70b3f6f4/attachment-0001.htm>
