[Git][security-tracker-team/security-tracker][master] Reserve DLA-3655-1 for lwip
Tobias Frost (@tobi)
tobi at debian.org
Sat Nov 18 21:38:33 GMT 2023
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5e7c4ebe by Tobias Frost at 2023-11-18T22:38:14+01:00
Reserve DLA-3655-1 for lwip
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -233674,7 +233674,6 @@ CVE-2020-22284 (A buffer overflow vulnerability in the zepif_linkoutput() functi
CVE-2020-22283 (A buffer overflow vulnerability in the icmp6_send_response_with_addrs_ ...)
- lwip 2.1.3+dfsg1-1 (bug #991645)
[bullseye] - lwip 2.1.2+dfsg1-8+deb11u1
- [buster] - lwip <no-dsa> (Minor issue)
NOTE: https://savannah.nongnu.org/bugs/index.php?58553
NOTE: Pre-requisite: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=d843e47a1d65451bd7f7aaa5017b408bd108be88 (master)
NOTE: Fixed by: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=489405839ae0fea8b99c4896f632eb688dc8a19a (master)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Nov 2023] DLA-3655-1 lwip - security update
+ {CVE-2020-22283}
+ [buster] - lwip 2.0.3-3+deb10u2
[17 Nov 2023] DLA-3654-1 freerdp2 - security update
{CVE-2021-41160 CVE-2022-24883 CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39318 CVE-2022-39319 CVE-2022-39347 CVE-2022-41877}
[buster] - freerdp2 2.3.0+dfsg1-2+deb10u4
=====================================
data/dla-needed.txt
=====================================
@@ -125,10 +125,6 @@ linux (Ben Hutchings)
linux-5.10
NOTE: 20231005: perma-added for LTS package-specific delegation (bwh)
--
-lwip (tobi)
- NOTE: 20231101: Added by Front-Desk (lamby)
- NOTE: 20231101: Sync with bullseye (CVE-2020-22283 & CVE-2020-22284). (lamby)
---
mediawiki (guilhem)
NOTE: 20231011: Added by Front-Desk (ta)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7c4ebee2fc91d6ba8f647454321230491e2474
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7c4ebee2fc91d6ba8f647454321230491e2474
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231118/d50aa502/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list