[Git][security-tracker-team/security-tracker][master] Reserve DLA-3650-1 for audiofile
Bastien Roucariès (@rouca)
rouca at debian.org
Sun Nov 12 21:45:39 GMT 2023
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
47381688 by Bastien Roucariès at 2023-11-12T21:45:17+00:00
Reserve DLA-3650-1 for audiofile
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -125852,7 +125852,6 @@ CVE-2022-24599 (In autofile Audio File Library 0.3.6, there exists one memory le
- audiofile <unfixed> (bug #1008017)
[bookworm] - audiofile <no-dsa> (Minor issue)
[bullseye] - audiofile <no-dsa> (Minor issue)
- [buster] - audiofile <no-dsa> (Minor issue)
[stretch] - audiofile <no-dsa> (Minor issue)
NOTE: https://github.com/mpruett/audiofile/issues/60
CVE-2022-24598
@@ -309082,7 +309081,6 @@ CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one NU
- audiofile <unfixed> (low; bug #931343)
[bookworm] - audiofile <no-dsa> (Minor issue)
[bullseye] - audiofile <ignored> (Minor issue)
- [buster] - audiofile <ignored> (Minor issue)
[stretch] - audiofile <no-dsa> (Minor issue)
[jessie] - audiofile <postponed> (Minor issue, local DoS)
NOTE: https://github.com/mpruett/audiofile/issues/54
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[12 Nov 2023] DLA-3650-1 audiofile - security update
+ {CVE-2019-13147 CVE-2022-24599}
+ [buster] - audiofile 0.3.6-5+deb10u1
[08 Nov 2023] DLA-3649-1 python-urllib3 - security update
{CVE-2023-45803}
[buster] - python-urllib3 1.24.1-1+deb10u2
=====================================
data/dla-needed.txt
=====================================
@@ -24,9 +24,6 @@ rather than remove/replace existing ones.
amanda
NOTE: 20230730: Added by Front-Desk (apo)
--
-audiofile (rouca)
- NOTE: 20230918: Added by Front-Desk (apo)
---
bind9 (Thorsten Alteholz)
NOTE: 20230921: Added by Front-Desk (apo)
NOTE: 20231008: backporting patches
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47381688c37621b9803c86f5ba8db65aedfe40c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47381688c37621b9803c86f5ba8db65aedfe40c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231112/5ad884be/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list