[Git][security-tracker-team/security-tracker][master] Reserve DLA-3322-1 for golang-github-opencontainers-selinux
Sylvain Beucler (@beuc)
beuc at debian.org
Sat Feb 18 17:00:48 GMT 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a311e22 by Sylvain Beucler at 2023-02-18T18:01:02+01:00
Reserve DLA-3322-1 for golang-github-opencontainers-selinux
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -251669,7 +251669,6 @@ CVE-2019-16884 (runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and
[buster] - runc <no-dsa> (Minor issue)
[stretch] - runc <no-dsa> (Minor issue)
- golang-github-opencontainers-selinux 1.3.0-2 (bug #942027)
- [buster] - golang-github-opencontainers-selinux <no-dsa> (Minor issue)
NOTE: https://github.com/opencontainers/runc/issues/2128
NOTE: https://github.com/opencontainers/runc/commit/331692baa7afdf6c186f8667cb0e6362ea0802b3 (v1.0.0-rc9)
NOTE: runc mitigation: https://github.com/opencontainers/runc/pull/2130 (v1.0.0-rc9)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Feb 2023] DLA-3322-1 golang-github-opencontainers-selinux - security update
+ {CVE-2019-16884}
+ [buster] - golang-github-opencontainers-selinux 1.0.0~rc1+git20170621.5.4a2974b-1+deb10u1
[18 Feb 2023] DLA-3321-1 gnutls28 - security update
{CVE-2023-0361}
[buster] - gnutls28 3.6.7-4+deb10u10
=====================================
data/dla-needed.txt
=====================================
@@ -78,11 +78,6 @@ golang-github-nats-io-jwt
NOTE: 20221109: Special attention: limited support, cf. buster release notes; not in bullseye
NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/golang-github-nats-io-jwt.git
--
-golang-github-opencontainers-selinux (Sylvain Beucler)
- NOTE: 20230216: Programming language: Go.
- NOTE: 20230216: VCS: https://salsa.debian.org/lts-team/packages/golang-github-opencontainers-selinux.git
- NOTE: 20230216: Carries part of the fixes for CVE-2019-16884/runc below (Beuc)
---
golang-go.crypto
NOTE: 20220915: Programming language: Go.
NOTE: 20220915: 3 CVEs fixed in stretch and bullseye (Beuc/front-desk)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a311e22bede8f8b66413f5a6ca0d68ab04ba825
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a311e22bede8f8b66413f5a6ca0d68ab04ba825
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230218/3a06ac7b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list