[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add some packages into the dla-needed.txt
Anton Gladky (@gladk)
gladk at debian.org
Sun Sep 3 20:20:46 BST 2023
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ceae6e23 by Anton Gladky at 2023-09-03T21:14:46+02:00
LTS: add some packages into the dla-needed.txt
- - - - -
dec5bf52 by Anton Gladky at 2023-09-03T21:19:47+02:00
LTS: mark CVE-2020-22217 as not-affected for jessie and stretch
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -220872,6 +220872,8 @@ CVE-2020-22218 (An issue was discovered in function _libssh2_packet_add in libss
NOTE: https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45 (libssh2-1.10.0)
CVE-2020-22217 (Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via ...)
- c-ares 1.17.1-1
+ [jessie] - c-ares <not-affected> (vulnerable code is not present)
+ [stretch] - c-ares <not-affected> (vulnerable code is not present)
NOTE: https://github.com/c-ares/c-ares/issues/333
NOTE: https://github.com/c-ares/c-ares/pull/332
NOTE: Fixed by: https://github.com/c-ares/c-ares/commit/1b98172b141fe874ad43e679e67506f9b2139043 (c-ares-1_17_0)
=====================================
data/dla-needed.txt
=====================================
@@ -73,6 +73,9 @@ freeimage
frr
NOTE: 20230901: Added by Front-Desk (gladk)
--
+gerbv
+ NOTE: 20230903: Added by Front-Desk (gladk)
+--
glib2.0 (santiago)
NOTE: 20230612: Added by Front-Desk (apo)
NOTE: 20230710: WIP (santiago)
@@ -80,6 +83,9 @@ glib2.0 (santiago)
NOTE: 20230807: idem.
NOTE: 20230820: asked for review/test.
--
+gsl
+ NOTE: 20230903: Added by Front-Desk (gladk)
+--
i2p
NOTE: 20230809: Added by Front-Desk (Beuc)
NOTE: 20230809: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/28
@@ -91,6 +97,9 @@ imagemagick
libreswan (Markus Koschany)
NOTE: 20230817: Added by Front-Desk (ta)
--
+libssh2
+ NOTE: 20230903: Added by Front-Desk (gladk)
+--
linux (Ben Hutchings)
NOTE: 20230111: perma-added for LTS package-specific delegation (bwh)
--
@@ -167,6 +176,9 @@ rails (utkarsh)
NOTE: 20230131: Utkarsh to start a thread with sec+ruby team with the possible path forward. (utkarsh)
NOTE: 20230828: want to rollout ruby-rack first. (utkarsh)
--
+ring
+ NOTE: 20230903: Added by Front-Desk (gladk)
+--
ruby-loofah
NOTE: 20221231: Added by Front-Desk (ola)
NOTE: 20230313: Pinged Daniel re. patches in repo ^. (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6f2cbdbbbd71480032bd068740a244e3cae0520c...dec5bf5248e2327a541604610f3c040bdf072f31
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6f2cbdbbbd71480032bd068740a244e3cae0520c...dec5bf5248e2327a541604610f3c040bdf072f31
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230903/3fd63374/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list