[Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update

Wed May 31 15:42:48 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df95b38b by Salvatore Bonaccorso at 2023-05-31T16:42:20+02:00
Reserve DSA number for openssl update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -22843,21 +22843,18 @@ CVE-2023-0467 (The WP Dark Mode WordPress plugin before 4.0.8 does not properly
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to implicit ...)
 	- openssl 3.0.9-1 (bug #1034720)
-	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)
 	NOTE: https://www.openssl.org/news/secadv/20230328.txt
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51e8a84ce742db0f6c70510d0159dad8f7825908 (openssl-3.0)
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a (OpenSSL_1_1_1-stable)
 CVE-2023-0465 (Applications that use a non-default option when verifying certificates ...)
 	- openssl 3.0.9-1 (bug #1034720)
-	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)
 	NOTE: https://www.openssl.org/news/secadv/20230328.txt
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1dd43e0709fece299b15208f36cc7c76209ba0bb (openssl-3.0)
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b013765abfa80036dc779dd0e50602c57bb3bf95 (OpenSSL_1_1_1-stable)
 CVE-2023-0464 (A security vulnerability has been identified in all supported versions ...)
 	- openssl 3.0.9-1 (bug #1034720)
-	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)
 	NOTE: https://www.openssl.org/news/secadv/20230322.txt
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1 (openssl-3.0)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[31 May 2023] DSA-5417-1 openssl - security update
+	{CVE-2023-0464 CVE-2023-0465 CVE-2023-0466 CVE-2023-2650}
+	[bullseye] - openssl 1.1.1n-0+deb11u5
 [31 May 2023] DSA-5416-1 connman - security update
 	{CVE-2023-28488}
 	[bullseye] - connman 1.36-2.2+deb11u2


=====================================
data/dsa-needed.txt
=====================================
@@ -39,8 +39,6 @@ openjdk-11 (jmm)
 --
 openjdk-17 (jmm)
 --
-openssl (carnil)
---
 owslib
 --
 php-cas



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df95b38b777908388089bc2a7687f8e3d3589e26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df95b38b777908388089bc2a7687f8e3d3589e26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230531/50cb9a00/attachment.htm>
