[Git][security-tracker-team/security-tracker][master] Track proposed bullseye-pu update for containerd

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Feb 19 15:24:38 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10c0b781 by Salvatore Bonaccorso at 2023-02-19T16:21:51+01:00
Track proposed bullseye-pu update for containerd

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2628,6 +2628,7 @@ CVE-2022-48311 (**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP D
 	NOT-FOR-US: HP
 CVE-2023-25173 (containerd is an open source container runtime. A bug was found in con ...)
 	- containerd 1.6.18~ds1-1
+	[bullseye] - containerd <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p
 CVE-2023-25172
 	RESERVED
@@ -2669,6 +2670,7 @@ CVE-2023-25154
 	RESERVED
 CVE-2023-25153 (containerd is an open source container runtime. Before versions 1.6.18 ...)
 	- containerd 1.6.18~ds1-1
+	[bullseye] - containerd <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-259w-8hf6-59c2
 CVE-2023-25152 (Wings is Pterodactyl's server control plane. Affected versions are sub ...)
 	NOT-FOR-US: Wings


=====================================
data/next-point-update.txt
=====================================
@@ -122,3 +122,7 @@ CVE-2023-20032
 	[bullseye] - clamav 0.103.8+dfsg-0+deb11u1
 CVE-2023-20052
 	[bullseye] - clamav 0.103.8+dfsg-0+deb11u1
+CVE-2023-25153
+	[bullseye] - containerd 1.4.13~ds1-1~deb11u4
+CVE-2023-25173
+	[bullseye] - containerd 1.4.13~ds1-1~deb11u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10c0b78108398e2a02403e765d246f341bfbbde0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10c0b78108398e2a02403e765d246f341bfbbde0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230219/c2c2831b/attachment.htm>

More information about the debian-security-tracker-commits mailing list