[Git][security-tracker-team/security-tracker][master] Reserve DLA-3626-1 for krb5
Adrian Bunk (@bunk)
bunk at debian.org
Sun Oct 22 21:18:03 BST 2023
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e012c8d by Adrian Bunk at 2023-10-22T23:17:43+03:00
Reserve DLA-3626-1 for krb5
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11527,7 +11527,6 @@ CVE-2023-36054 (lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.2
- krb5 1.20.1-3 (bug #1043431)
[bookworm] - krb5 1.20.1-2+deb12u1
[bullseye] - krb5 1.18.3-6+deb11u4
- [buster] - krb5 <postponed> (Minor issue, DoS)
NOTE: https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
CVE-2023-34477 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: Joomla extension
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[22 Oct 2023] DLA-3626-1 krb5 - security update
+ {CVE-2023-36054}
+ [buster] - krb5 1.17-3+deb10u6
[22 Oct 2023] DLA-3625-1 ruby-rmagick - security update
{CVE-2023-5349}
[buster] - ruby-rmagick 2.16.0-6+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -101,10 +101,6 @@ imagemagick
jetty9 (Markus Koschany)
NOTE: 20231011: Added by Front-Desk (ta)
--
-krb5 (Adrian Bunk)
- NOTE: 20231007: Added by Front-Desk (Beuc)
- NOTE: 20231007: Follow fixes from bullseye 11.8 (1 CVE) (Beuc/front-desk)
---
libreswan
NOTE: 20230817: Added by Front-Desk (ta)
NOTE: 20230909: Prepared a patch for CVE-2023-38712 and pushed it to
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e012c8dc8f80e7c9b2e874bc4cd0fd37890c0aa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e012c8dc8f80e7c9b2e874bc4cd0fd37890c0aa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231022/a585b3ef/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list