[Git][security-tracker-team/security-tracker][master] ATS, openjdk-17 DSAs

Sun Nov 5 19:46:07 GMT 2023


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9581022 by Moritz Mühlenhoff at 2023-11-05T20:44:11+01:00
ATS, openjdk-17 DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3209,7 +3209,6 @@ CVE-2023-40372 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server
 	NOT-FOR-US: IBM
 CVE-2023-39456 (Improper Input Validation vulnerability in Apache Traffic Server with  ...)
 	- trafficserver 9.2.3+ds-1 (bug #1054427)
-	[bullseye] - trafficserver <not-affected> (Vulnerable code not present)
 	[buster] - trafficserver <not-affected> (Vulnerable code not present)
 	NOTE: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
 	NOTE: https://github.com/apache/trafficserver/commit/4ca137b59bc6aaa25f8b14db2bdd2e72c43502e5 (9.2.3-rc0)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,11 @@
+[05 Nov 2023] DSA-5549-1 trafficserver - security update
+	{CVE-2022-47185 CVE-2023-33934 CVE-2023-39456 CVE-2023-41752 CVE-2023-44487}
+	[bullseye] - trafficserver 8.1.9+ds-1~deb11u1
+	[bookworm] - trafficserver 9.2.3+ds-1+deb12u1
+[05 Nov 2023] DSA-5548-1 openjdk-17 - security update
+	{CVE-2023-22025 CVE-2023-22081}
+	[bullseye] - openjdk-17 17.0.9+9-1~deb11u1
+	[bookworm] - openjdk-17 17.0.9+9-1~deb12u1
 [04 Nov 2023] DSA-5547-1 pmix - security update
 	{CVE-2023-41915}
 	[bullseye] - pmix 4.0.0-4.1+deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -43,9 +43,6 @@ nodejs
 --
 nova/oldstable
 --
-openjdk-17 (jmm)
-  needs a fixed jtreg6, will also be release via the security archive
---
 php-cas/oldstable
 --
 php-horde-mime-viewer/oldstable
@@ -89,7 +86,5 @@ squid
 --
 tiff (aron)
 --
-trafficserver (jmm)
---
 xen (jmm)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9581022d463a0968feed122bbc89dfdf3f5a2b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9581022d463a0968feed122bbc89dfdf3f5a2b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231105/be015a9e/attachment-0001.htm>
