[Git][security-tracker-team/security-tracker][master] Reserve DLA-3481-1 for libusrsctp
Bastien Roucariès (@rouca)
rouca at debian.org
Thu Jul 6 23:12:53 BST 2023
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d20bdd3e by Bastien Roucariès at 2023-07-06T22:12:29+00:00
Reserve DLA-3481-1 for libusrsctp
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -242579,7 +242579,6 @@ CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote
CVE-2019-20503 (usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...)
{DSA-4645-1 DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
- libusrsctp 0.9.3.0+20200312-1 (bug #953270)
- [buster] - libusrsctp <no-dsa> (Minor issue)
- firefox 74.0-1
- firefox-esr 68.6.0esr-1
- thunderbird 1:68.6.0-1
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Jul 2023] DLA-3481-1 libusrsctp - security update
+ {CVE-2019-20503}
+ [buster] - libusrsctp 0.9.3.0+20190127-2+deb10u1
[06 Jul 2023] DLA-3480-1 ruby-redcloth - security update
{CVE-2023-31606}
[buster] - ruby-redcloth 4.3.2-3+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -115,11 +115,6 @@ libapache2-mod-auth-openidc (gladk)
libreoffice (Abhijith PA)
NOTE: 20230530: Added by Front-Desk (pochu)
--
-libusrsctp (rouca)
- NOTE: 20230612: Added by Front-Desk (opal)
- NOTE: 20230618: May need a backport see https://lists.debian.org/debian-lts/2023/06/msg00050.html (rouca)
- NOTE: 20230618: Waiting for comments
---
linux (Ben Hutchings)
NOTE: 20230111: perma-added for LTS package-specific delegation (bwh)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20bdd3e1b3cd2fc3177f85c97d1a6b5dd6db6cd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20bdd3e1b3cd2fc3177f85c97d1a6b5dd6db6cd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230706/711a0f7d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list