[Git][security-tracker-team/security-tracker][master] Reserve DLA-3642-1 for request-tracker4
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 31 04:50:10 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7546d4f0 by Salvatore Bonaccorso at 2023-10-31T05:49:56+01:00
Reserve DLA-3642-1 for request-tracker4
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Oct 2023] DLA-3642-1 request-tracker4 - security update
+ {CVE-2023-41259 CVE-2023-41260}
+ [buster] - request-tracker4 4.4.3-2+deb10u3
[30 Oct 2023] DLA-3641-1 jetty9 - security update
{CVE-2020-27218 CVE-2023-36478 CVE-2023-44487}
[buster] - jetty9 9.4.50-4+deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -193,14 +193,6 @@ rails
NOTE: 20230131: Utkarsh to start a thread with sec+ruby team with the possible path forward. (utkarsh)
NOTE: 20230828: want to rollout ruby-rack first. (utkarsh)
--
-request-tracker4
- NOTE: 20231024: Added by Front-Desk (gladk)
- NOTE: 20231024: Please check the commit: https://github.com/bestpractical/rt/commit/a7a83dfdf591cd4d9f547048e89a5a310eeef32d
- NOTE: 20231024: Please check the commit: https://github.com/bestpractical/rt/commit/afb7dcded721e27028e47b62e7e5ed8ffc492beb
- NOTE: 20231025: Andrew Ruthven is working on the buster-security upload, but will let the LTS handle the paperwork (santiago)
- NOTE: 20231028: Andrew has provided the buster patch, it has been posted to the team mailing list (Message-ID: <ZT0Eo_5cWuoItmph at connexer.com>) (roberto)
- NOTE: 20231030: Andrew pushed his work at https://salsa.debian.org/request-tracker-team/request-tracker4/-/commits/buster/ (Beuc)
---
ring
NOTE: 20230903: Added by Front-Desk (gladk)
NOTE: 20230928: will be likely hard to fix see https://lists.debian.org/debian-lts/2023/09/msg00035.html (rouca)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7546d4f04848043706bd80109f1dcfcab614ff9e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7546d4f04848043706bd80109f1dcfcab614ff9e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231031/e849bba3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list