[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jan 3 15:32:56 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
98fdc069 by Moritz Muehlenhoff at 2023-01-03T16:30:37+01:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -306,6 +306,7 @@ CVE-2020-36637 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chr
NOT-FOR-US: Chris92de AdminServ
CVE-2018-25060 (A vulnerability was found in Macaron csrf and classified as problemati ...)
- golang-github-go-macaron-csrf <unfixed>
+ [bullseye] - golang-github-go-macaron-csrf <no-dsa> (Minor issue)
[buster] - golang-github-go-macaron-csrf <no-dsa> (Minor issue)
NOTE: https://github.com/go-macaron/csrf/commit/dadd1711a617000b70e5e408a76531b73187031c
NOTE: https://github.com/go-macaron/csrf/pull/7
@@ -1391,6 +1392,7 @@ CVE-2019-25084 (A vulnerability, which was classified as problematic, has been f
TODO: check
CVE-2022-47952 (lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may al ...)
- lxc <unfixed>
+ [bullseye] - lxc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2157281
NOTE: https://github.com/MaherAzzouzi/CVE-2022-47952
NOTE: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45
@@ -75182,6 +75184,7 @@ CVE-2022-23468 (xrdp is an open source project which provides a graphical login
NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8c2f-mw8m-qpx6
CVE-2022-23467 (OpenRazer is an open source driver and user-space daemon to control Ra ...)
- openrazer 3.5.1+dfsg-1
+ [bullseye] - openrazer <no-dsa> (Minor issue)
[buster] - openrazer <no-dsa> (Minor issue)
NOTE: https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7h
NOTE: https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6 (v3.5.1)
=====================================
data/dsa-needed.txt
=====================================
@@ -21,6 +21,8 @@ hsqldb (apo)
--
lava
--
+libxstream-java
+--
linux (carnil)
Wait until more issues have piled up, though try to regulary rebase for point
releases to more recent v5.10.y versions
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98fdc069b5b3818f3d1320fab5c3f8f6fd038cd4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98fdc069b5b3818f3d1320fab5c3f8f6fd038cd4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230103/d6f64cb0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list