[Git][security-tracker-team/security-tracker][master] Reserve DLA-3593-1 for gerbv

Sat Sep 30 15:01:52 BST 2023


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
176092bb by Adrian Bunk at 2023-09-30T17:01:27+03:00
Reserve DLA-3593-1 for gerbv

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -147529,7 +147529,6 @@ CVE-2021-40395
 CVE-2021-40394 (An out-of-bounds write vulnerability exists in the RS-274X aperture ma ...)
 	{DSA-5306-1}
 	- gerbv 2.8.1-1
-	[buster] - gerbv <no-dsa> (Minor issue)
 	[stretch] - gerbv <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1405
 	NOTE: https://github.com/advisories/GHSA-936x-jwpc-5p28
@@ -147537,7 +147536,6 @@ CVE-2021-40394 (An out-of-bounds write vulnerability exists in the RS-274X apert
 CVE-2021-40393 (An out-of-bounds write vulnerability exists in the RS-274X aperture ma ...)
 	{DSA-5306-1}
 	- gerbv 2.8.2-1
-	[buster] - gerbv <no-dsa> (Minor issue)
 	[stretch] - gerbv <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1404
 	NOTE: https://github.com/advisories/GHSA-w67q-2hr6-7cjf


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Sep 2023] DLA-3593-1 gerbv - security update
+	{CVE-2021-40393 CVE-2021-40394 CVE-2023-4508}
+	[buster] - gerbv 2.7.0-1+deb10u3
 [30 Sep 2023] DLA-3592-1 jetty9 - security update
 	{CVE-2023-26048 CVE-2023-26049 CVE-2023-36479 CVE-2023-40167}
 	[buster] - jetty9 9.4.16-0+deb10u3


=====================================
data/dla-needed.txt
=====================================
@@ -79,10 +79,6 @@ freerdp2
   NOTE: 20230924: Added by Front-Desk (apo)
   NOTE: 20230924: Too many unresolved issues have piled up. High popcon. (apo)
 --
-gerbv (Adrian Bunk)
-  NOTE: 20230903: Added by Front-Desk (gladk)
-  NOTE: 20230918: DLA coming soon. (bunk)
---
 gst-plugins-bad1.0 (Thorsten Alteholz)
   NOTE: 20230928: Added by Frond-Desk (ola)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/176092bb2f545919a5fb80e3494209e91869a2bc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/176092bb2f545919a5fb80e3494209e91869a2bc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230930/42f45368/attachment.htm>
