[Git][security-tracker-team/security-tracker][master] Reserve DLA-3600-1 for postgresql-11

Utkarsh Gupta (@utkarsh) utkarsh at debian.org
Tue Oct 3 22:46:04 BST 2023 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c0dce80 by Utkarsh Gupta at 2023-10-04T03:15:50+05:30
Reserve DLA-3600-1 for postgresql-11

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -7448,7 +7448,6 @@ CVE-2023-39417 (IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found
 	- postgresql-13 <removed>
 	[bullseye] - postgresql-13 <postponed> (Minor issue, fix along with next round of updates)
 	- postgresql-11 <removed>
-	[buster] - postgresql-11 <no-dsa> (Minor issue)
 	NOTE: https://www.postgresql.org/support/security/CVE-2023-39417/
 	NOTE: https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=de494ec14f6bd7f2676623a5934723a6c8ba51c2 (REL_15_4)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[04 Oct 2023] DLA-3600-1 postgresql-11 - security update
+	{CVE-2023-39417}
+	[buster] - postgresql-11 11.21-0+deb10u2
 [02 Oct 2023] DLA-3599-1 exim4 - security update
 	{CVE-2023-42114 CVE-2023-42116}
 	[buster] - exim4 4.92-8+deb10u8


=====================================
data/dla-needed.txt
=====================================
@@ -134,9 +134,6 @@ poppler (Adrian Bunk)
   NOTE: 20230908: as I suspect this is a duplicate of CVE-2020-27778 (which has already
   NOTE: 20230908: been fixed). (lamby)
 --
-postgresql-11 (Utkarsh)
-  NOTE: 20231001: Myon uploaded and asked on #debian-lts to do the paperwork. (utkarsh)
---
 prometheus-alertmanager (rouca)
   NOTE: 20230925: Added by Front-Desk (apo)
   NOTE: 20230925: Vulnerable code is in ui/app/src/Views/AlertList/AlertView.elm



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c0dce8074f7d577d32768f9d93fd093c8c98fc2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c0dce8074f7d577d32768f9d93fd093c8c98fc2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231003/51a07255/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list