[Git][security-tracker-team/security-tracker][master] Reserve DLA-3705-1 for php-guzzlehttp-psr7
Guilhem Moulin (@guilhem)
guilhem at debian.org
Sun Dec 31 22:44:22 GMT 2023
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits:
984a4c0f by Guilhem Moulin at 2023-12-31T22:43:42+00:00
Reserve DLA-3705-1 for php-guzzlehttp-psr7
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -41238,7 +41238,6 @@ CVE-2023-29198 (Electron is a framework which lets you write cross-platform desk
CVE-2023-29197 (guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. ...)
- php-guzzlehttp-psr7 2.4.5-1 (bug #1034581)
[bullseye] - php-guzzlehttp-psr7 1.7.0-1+deb11u2
- [buster] - php-guzzlehttp-psr7 <no-dsa> (Minor issue)
- php-nyholm-psr7 1.5.1-2 (bug #1034597)
[bullseye] - php-nyholm-psr7 1.3.2-2+deb11u1
NOTE: https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Dec 2023] DLA-3705-1 php-guzzlehttp-psr7 - security update
+ {CVE-2023-29197}
+ [buster] - php-guzzlehttp-psr7 1.4.2-0.1+deb10u2
[31 Dec 2023] DLA-3704-1 xerces-c - security update
{CVE-2023-37536}
[buster] - xerces-c 3.2.2+debian-1+deb10u2
=====================================
data/dla-needed.txt
=====================================
@@ -174,10 +174,6 @@ nvidia-cuda-toolkit
paramiko
NOTE: 20231225: Added by Front-Desk (ta)
--
-php-guzzlehttp-psr7 (guilhem)
- NOTE: 20231230: Added by Front-Desk (lamby)
- NOTE: 20231230: CVE-2023-29197 already fixed in bullseye via DSA or point release (lamby)
---
postfix
NOTE: 20231224: Added by Front-Desk (ta)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/984a4c0fa2871aacbc88cbc281cb3567a9595fd1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/984a4c0fa2871aacbc88cbc281cb3567a9595fd1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231231/82505e1b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list