[Git][security-tracker-team/security-tracker][master] Reserve DLA-3369-1 for runc

Sylvain Beucler (@beuc) beuc at debian.org
Mon Mar 27 16:31:49 BST 2023 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f78e09f4 by Sylvain Beucler at 2023-03-27T17:31:35+02:00
Reserve DLA-3369-1 for runc

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[27 Mar 2023] DLA-3369-1 runc - security update
+	[buster] - runc 1.0.0~rc6+dfsg1-3+deb10u2
 [26 Mar 2023] DLA-3368-1 libreoffice - security update
 	{CVE-2021-25636 CVE-2022-3140 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307}
 	[buster] - libreoffice 1:6.1.5-3+deb10u8


=====================================
data/dla-needed.txt
=====================================
@@ -282,16 +282,6 @@ ruby-rails-html-sanitizer
   NOTE: 20221231: VCS: https://salsa.debian.org/lts-team/packages/ruby-rails-html-sanitizer.git
   NOTE: 20230303: this cannot be fixed unless ruby-loofah is fixed with appropriate methods. (utkarsh)
 --
-runc (Sylvain Beucler)
-  NOTE: 20220905: Programming language: Go.
-  NOTE: 20220905: Special attention: Sync with Bullseye.
-  NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/runc.git
-  NOTE: 20230213: Starting checking security issues, packaging strategy and testing procedures (Beuc)
-  NOTE: 20230218: golang-github-opencontainers-selinux fix uploaded via DLA-3322-1 (Beuc)
-  NOTE: 20230220: Checking possible re-introduction of CVE-2019-19921 with upstream (Beuc)
-  NOTE: 20230304: CVE-2023-27561 registered; give time for upstream to react, otherwise will publish a partial update (Beuc)
-  NOTE: 20230320: CVE-2023-27561 patch underway upstream (Beuc)
---
 salt
   NOTE: 20220814: Programming language: Python.
   NOTE: 20220814: Packages is not in the supported packages by us.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f78e09f49af11a9694451bd3dc1792def408cca0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f78e09f49af11a9694451bd3dc1792def408cca0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230327/205867c7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list