[Git][security-tracker-team/security-tracker][master] 5 commits: Link to jss bug report

Sun Sep 24 23:27:07 BST 2023


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0584393d by Markus Koschany at 2023-09-24T23:53:05+02:00
Link to jss bug report

- - - - -
ad87c4af by Markus Koschany at 2023-09-25T00:02:51+02:00
Add prometheus-alertmanager to dla-needed.txt

- - - - -
3237caa5 by Markus Koschany at 2023-09-25T00:10:11+02:00
Add phppgadmin to dla-needed.txt

- - - - -
ac0b8e12 by Markus Koschany at 2023-09-25T00:12:59+02:00
Add puma to dla-needed.txt

- - - - -
ca49e4d1 by Markus Koschany at 2023-09-25T00:25:41+02:00
Add osslsigncode to dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -53763,7 +53763,7 @@ CVE-2022-4133
 	REJECTED
 CVE-2022-4132 [Tomcat: Memory leak in JSS]
 	RESERVED
-	- jss <unfixed>
+	- jss <unfixed> (bug #1052575)
 	[buster] - jss <not-affected> (The vulnerable code was introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2147372
 	NOTE: Triggered by: https://github.com/dogtagpki/jss/pull/928


=====================================
data/dla-needed.txt
=====================================
@@ -161,12 +161,26 @@ open-vm-tools (Sean Whitton)
 opendkim
   NOTE: 20230821: Added by Front-Desk (ta)
 --
+osslsigncode
+  NOTE: 20230925: Added by Front-Desk (apo)
+  NOTE: 20230925: Maybe a new upstream release should just do the trick here.
+--
+phppgadmin
+  NOTE: 20230925: Added by Front-Desk (apo)
+--
 poppler
   NOTE: 20230908: Added by Front-Desk (lamby)
   NOTE: 20230908: Added due to CVE-2020-23804. However, please check CVE-2020-18839
   NOTE: 20230908: as I suspect this is a duplicate of CVE-2020-27778 (which has already
   NOTE: 20230908: been fixed). (lamby)
 --
+prometheus-alertmanager
+  NOTE: 20230925: Added by Front-Desk (apo)
+  NOTE: 20230925: Vulnerable code is in ui/app/src/Views/AlertList/AlertView.elm
+--
+puma
+  NOTE: 20230925: Added by Front-Desk (apo)
+--
 python-git
   NOTE: 20230923: Added by Front-Desk (apo)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/670c7491ac5b41d8e232a71bf289dd5d0b3e1775...ca49e4d19a3118dec3be56686339c9b5b6dbc129

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/670c7491ac5b41d8e232a71bf289dd5d0b3e1775...ca49e4d19a3118dec3be56686339c9b5b6dbc129
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230924/098337f3/attachment-0001.htm>
