[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA-5664-1 for jetty9

Wed Apr 17 22:21:44 BST 2024


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ffea03a by Markus Koschany at 2024-04-17T23:19:47+02:00
Reserve DSA-5664-1 for jetty9

- - - - -
92f7273d by Markus Koschany at 2024-04-17T23:21:17+02:00
Reserve DSA-5665-1 for tomcat10

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -34221,7 +34221,6 @@ CVE-2023-34055 (In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3
 CVE-2023-46589 (Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 1 ...)
 	{DLA-3707-1}
 	- tomcat10 10.1.16-1 (bug #1057082)
-	[bookworm] - tomcat10 <postponed> (Minor issue, fix along in next DSA)
 	- tomcat9 9.0.70-2
 	[bullseye] - tomcat9 <postponed> (Minor issue, fix along in next DSA)
 	- tomcat8 <removed>


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[17 Apr 2024] DSA-5665-1 tomcat10 - security update
+	{CVE-2023-46589 CVE-2024-23672 CVE-2024-24549}
+	[bookworm] - tomcat10 10.1.6-1+deb12u2
+[17 Apr 2024] DSA-5664-1 jetty9 - security update
+	{CVE-2024-22201}
+	[bullseye] - jetty9 9.4.50-4+deb11u2
+	[bookworm] - jetty9 9.4.50-4+deb12u3
 [17 Apr 2024] DSA-5663-1 firefox-esr - security update
 	{CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864}
 	[bullseye] - firefox-esr 115.10.0esr-1~deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -35,8 +35,6 @@ guix (jmm)
 --
 h2o (jmm)
 --
-jetty9 (apo)
---
 libreswan (jmm)
   Maintainer prepared bookworm-security update, but needs work on bullseye-security backports
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/99a6a8dd2eaf98b75e8a31741847c7e020543144...92f7273d5ac0dcb437618ca6d9f06f9999e04566

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/99a6a8dd2eaf98b75e8a31741847c7e020543144...92f7273d5ac0dcb437618ca6d9f06f9999e04566
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240417/6507c16c/attachment-0001.htm>
