[Git][security-tracker-team/security-tracker][master] 4 commits: Add fix link to the libhtml-stripscripts-perl
Anton Gladky (@gladk)
gladk at debian.org
Wed Jan 25 05:46:32 GMT 2023
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a16069d by Anton Gladky at 2023-01-25T06:24:14+01:00
Add fix link to the libhtml-stripscripts-perl
- - - - -
ffc35fcd by Anton Gladky at 2023-01-25T06:28:55+01:00
LTS: add libhtml-stripscripts-perl to dla-needed.txt
- - - - -
6c96ab38 by Anton Gladky at 2023-01-25T06:39:18+01:00
LTS: add golang-yaml.v2 to dla-needed.txt
- - - - -
f5bd72e6 by Anton Gladky at 2023-01-25T06:45:04+01:00
LTS: add sofia-sip to dla-needed.txt
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1071,6 +1071,7 @@ CVE-2023-24039 (** UNSUPPORTED WHEN ASSIGNED ** A stack-based buffer overflow in
CVE-2023-24038 (The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_ ...)
- libhtml-stripscripts-perl 1.06-4 (bug #1029400)
NOTE: https://github.com/clintongormley/perl-html-stripscripts/issues/3
+ NOTE: https://github.com/clintongormley/perl-html-stripscripts/pull/4
CVE-2023-24037
RESERVED
CVE-2023-24036
=====================================
data/dla-needed.txt
=====================================
@@ -101,6 +101,11 @@ golang-websocket
NOTE: 20220915: 1 CVE fixed in stretch and bullseye (golang-github-gorilla-websocket) (Beuc/front-desk)
NOTE: 20220915: Special attention: limited support; requires rebuilding reverse dependencies
--
+golang-yaml.v2
+ NOTE: 20230125: Programming language: Go.
+ NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/golang-yaml.v2.git
+ NOTE: 20230125: Special attention: limited support; requires rebuilding reverse build dependencies (though recent bullseye updates didn't).
+--
graphite-web
NOTE: 20221229: Programming language: Python.
--
@@ -122,6 +127,10 @@ libapache2-mod-auth-mellon
NOTE: 20230105: Programming language: C.
NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk)
--
+libhtml-stripscripts-perl
+ NOTE: 20230125: Programming language: Perl.
+ NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/libhtml-stripscripts-perl.git
+--
libreoffice
NOTE: 20221012: Programming language: C++.
NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git
@@ -325,6 +334,10 @@ snort (Markus Koschany)
NOTE: 20230121: Prepared new upstream version for unstable which we could
NOTE: 20230121: backport to buster later. See https://bugs.debian.org/1021276
--
+sofia-sip
+ NOTE: 20230125: Programming language: C.
+ NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/sofia-sip.git
+--
sox
NOTE: 20220818: Programming language: C.
NOTE: 20220818: Requires some investigation; see #1012138 etc.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/24a110dd2b485ff3413d8325916c5c7161215086...f5bd72e6efcb5a14077c4f09dd44e29ec62f4602
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/24a110dd2b485ff3413d8325916c5c7161215086...f5bd72e6efcb5a14077c4f09dd44e29ec62f4602
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230125/5d375cf2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list