[Git][security-tracker-team/security-tracker][master] Track proposed update for galera-4 including CVE fix via bullseye-pu
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 5 21:31:31 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7590aad9 by Salvatore Bonaccorso at 2023-10-05T22:30:53+02:00
Track proposed update for galera-4 including CVE fix via bullseye-pu
- - - - -
2 changed files:
- data/CVE/list
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1716,6 +1716,7 @@ CVE-2023-5189 [insecure galaxy-importer tarfile extraction]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2234387
CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on ports 33 ...)
- galera-4 26.4.13-1
+ [bullseye] - galera-4 <no-dsa> (Minor issue; can be fixed via point release)
- galera-3 <unfixed> (bug #1053476)
NOTE: https://jira.mariadb.org/browse/MDEV-25068
CVE-2023-5115 [malicious role archive can cause ansible-galaxy to overwrite arbitrary files]
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -268,3 +268,5 @@ CVE-2023-32611
[bullseye] - glib2.0 2.66.8-1+deb11u1
CVE-2023-29499
[bullseye] - glib2.0 2.66.8-1+deb11u1
+CVE-2023-5157
+ [bullseye] - galera-4 26.4.14-0+deb11u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7590aad9bfa1a6d58a8d58e570dc11f3e1b407da
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7590aad9bfa1a6d58a8d58e570dc11f3e1b407da
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231005/8c5e4387/attachment.htm>
More information about the debian-security-tracker-commits
mailing list