[Git][security-tracker-team/security-tracker][master] Reserve DLA-3801-1 for emacs

Mon Apr 29 13:51:00 BST 2024


Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker


Commits:
71c6a7ff by Sean Whitton at 2024-04-29T13:50:47+01:00
Reserve DLA-3801-1 for emacs

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Apr 2024] DLA-3801-1 emacs - security update
+	{CVE-2024-30203 CVE-2024-30204 CVE-2024-30205}
+	[buster] - emacs 1:26.1+1-3.2+deb10u5
 [29 Apr 2024] DLA-3800-1 ruby-rack - security update
 	{CVE-2024-25126 CVE-2024-26141 CVE-2024-26146}
 	[buster] - ruby-rack 2.0.6-3+deb10u4


=====================================
data/dla-needed.txt
=====================================
@@ -81,15 +81,6 @@ edk2
   NOTE: 20231230: CVE-2019-11098 fixed via bullseye 11.2 (lamby)
   NOTE: 20240312: CVE-2023-48733 fixed via DSA-5624-1 (Beuc/front-desk)
 --
-emacs (Sean Whitton)
-  NOTE: 20240403: Added by Front-Desk (lamby)
-  NOTE: 20240403: Needs someone with a little familiarity with Lisp — by my
-  NOTE: 20240403: eye, the version of emacs in LTS may not be vulnerable to,
-  NOTE: 20240403: for example, CVE-2024-30202. But I think it is vulnerable
-  NOTE: 20240403: to CVE-2024-30203. (lamby)
-  NOTE: 20240422: Making progress through bookworm,bullseye,buster.
-  NOTE: 20240422: No major blockers, just taking some backporting.  (spwhitton)
---
 freeimage
   NOTE: 20240320: Added by Front-Desk (ta)
   NOTE: 20240320: lots of postponed issue could be fixed as well



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71c6a7ffaa6c4244d67cd0f25c4f9ae0c2deae2d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71c6a7ffaa6c4244d67cd0f25c4f9ae0c2deae2d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240429/2f3f95e4/attachment-0001.htm>
