[Git][security-tracker-team/security-tracker][master] Remove tracking for apache2 via bullseye-pu as pending in next DSA

Sat Mar 18 20:52:06 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d6c254c by Salvatore Bonaccorso at 2023-03-18T21:51:30+01:00
Remove tracking for apache2 via bullseye-pu as pending in next DSA

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -47827,7 +47827,6 @@ CVE-2022-3072 (Cross-site Scripting (XSS) - Stored in GitHub repository francois
 CVE-2006-20001 (A carefully crafted If: request header can cause a memory read, or wri ...)
 	{DLA-3351-1}
 	- apache2 2.4.55-1
-	[bullseye] - apache2 <no-dsa> (Minor update; update proposed via bullseye-pu)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/01/17/5
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2006-20001
 CVE-2022-XXXX [wordpress 6.0.3]
@@ -52580,7 +52579,6 @@ CVE-2022-37437 (When using Ingest Actions to configure a destination that reside
 CVE-2022-37436 (Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the  ...)
 	{DLA-3351-1}
 	- apache2 2.4.55-1
-	[bullseye] - apache2 <no-dsa> (Minor update; update proposed via bullseye-pu)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/01/17/7
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-37436
 CVE-2022-37435 (Apache ShenYu Admin has insecure permissions, which may allow low-priv ...)
@@ -54508,7 +54506,6 @@ CVE-2022-36761
 CVE-2022-36760 (Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling' ...)
 	{DLA-3351-1}
 	- apache2 2.4.55-1
-	[bullseye] - apache2 <no-dsa> (Minor update; update proposed via bullseye-pu)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/01/17/6
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-36760
 CVE-2022-36759 (Online Food Ordering System v1.0 was discovered to contain a SQL injec ...)


=====================================
data/next-point-update.txt
=====================================
@@ -88,12 +88,6 @@ CVE-2022-47952
 	[bullseye] - lxc 1:4.0.6-2+deb11u2
 CVE-2022-22728
 	[bullseye] - libapreq2 2.13-7+deb11u1
-CVE-2006-20001
-	[bullseye] - apache2 2.4.55-1~deb11u1
-CVE-2022-36760
-	[bullseye] - apache2 2.4.55-1~deb11u1
-CVE-2022-37436
-	[bullseye] - apache2 2.4.55-1~deb11u1
 CVE-2022-38223
 	[bullseye] - w3m 0.5.3+git20210102-6+deb11u1
 CVE-2022-4883



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6c254c7a0141f93e9548f52c75b9ab7ab857af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6c254c7a0141f93e9548f52c75b9ab7ab857af
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230318/dbf6a13c/attachment-0001.htm>
