[Git][security-tracker-team/security-tracker][master] Reserve DLA-3487-1 for fusiondirectory

Tobias Frost (@tobi) tobi at debian.org
Sat Jul 8 14:51:59 BST 2023 


Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13fdba2a by Tobias Frost at 2023-07-08T15:51:42+02:00
Reserve DLA-3487-1 for fusiondirectory

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[08 Jul 2023] DLA-3487-1 fusiondirectory - security update
+	{CVE-2022-36179 CVE-2022-36180}
+	[buster] - fusiondirectory 1.2.3-4+deb10u2
 [08 Jul 2023] DLA-3486-1 ocsinventory-server - security update
 	[buster] - ocsinventory-server 2.5+dfsg1-1+deb10u1
 [08 Jul 2023] DLA-3485-1 php-cas - security update


=====================================
data/dla-needed.txt
=====================================
@@ -54,16 +54,6 @@ flatpak
   NOTE: 20230620: Added by Front-Desk (Beuc)
   NOTE: 20230620: Follow fixes from bullseye 11.7 (2 CVEs) (Beuc/front-desk)
 --
-fusiondirectory (Abhijith PA)
-  NOTE: 20221203: Added by Front-Desk (gladk)
-  NOTE: 20221203: Please evaluate, whether the package can be fixed (gladk).
-  NOTE: 20221203: Two CVEs have only mitigation, fix in a new version (gladk).
-  NOTE: 20221203: Also the package was removed from sid recently (gladk).
-  NOTE: 20221203: Feel free to marke both CVEs as <ignored>, if they are not too serious (gladk).
-  NOTE: 20230523: Added upstream commit references to security tracker. Patched our version, testing (abhijith)
-  NOTE: 20230627: Coordinate with upload of php-cas as php-cas will break fusiondirectory. (tobi)
-  NOTE: 20230627: See: https://lists.debian.org/debian-lts/2023/06/msg00058.html
---
 glib2.0 (santiago)
   NOTE: 20230612: Added by Front-Desk (apo)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13fdba2af151853d5ea27c5b872fd51bb81e746a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13fdba2af151853d5ea27c5b872fd51bb81e746a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230708/38c862ac/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list