[Git][security-tracker-team/security-tracker][master] dla: packages to sync with bookworm pu
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Mon Aug 12 20:16:39 BST 2024
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
378d7743 by Sylvain Beucler at 2024-08-12T21:16:00+02:00
dla: packages to sync with bookworm pu
- - - - -
1 changed file:
- data/dla-needed.prospective
Changes:
=====================================
data/dla-needed.prospective
=====================================
@@ -51,13 +51,19 @@ cacti (Bastien Roucarès)
--
calibre
NOTE: 20240808: Added by oldstable Security Team (carnil)
- NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
+ NOTE: 20240815: A bookworm DSA is planned
+ NOTE: 20240815: Also follow fixes from bookworm 12.5 (CVE-2023-46303) (Beuc/front-desk)
--
cinder (Thomas Goirand)
NOTE: 20240704: Added by oldstable Security Team (carnil)
NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
NOTE: 20240815: zigo prepared bullseye packages, cf. http://osbpo.debian.net/deb-status/ (Beuc/front-desk)
--
+cjson
+ NOTE: 20240815: Added by Front-Desk (Beuc)
+ NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074090
+ NOTE: 20240815: drop this entry after bullseye 11.11 is out on 2024-08-31 (Beuc/front-desk)
+--
dnsmasq (Lee Garrett)
NOTE: 20240313: Added by oldstable Security Team (jmm)
NOTE: 20240802: CVE-2023-28450 is trivial to fix, however CVE-2023-50387 and CVE-2023-50868
@@ -70,6 +76,11 @@ edk2
NOTE: 20240815: bullseye did not get most of DSA 5624-1 security fixes,
NOTE: 20240815: (10 ipv6-related, postponed CVEs), plus there are older postponed vulnerabilities (Beuc/front-desk)
--
+exim4
+ NOTE: 20240815: Added by Front-Desk (Beuc)
+ NOTE: 20240815: Follow fixes from bookworm 12.3 (2 CVEs)
+ NOTE: 20240815: Consider fixing older postponed CVEs as well (Beuc/front-desk)
+--
ffmpeg
NOTE: 20240815: Added by Front-Desk (Beuc)
NOTE: 20240815: Upgrade to 4.3.8 (Beuc/front-desk)
@@ -106,6 +117,11 @@ h2o
NOTE: 20240815: A bookworm DSA is planned
NOTE: 20240815: coordinate bullseye DLA with secteam (Beuc/front-desk)
--
+indent
+ NOTE: 20240815: Added by Front-Desk (Beuc)
+ NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074142
+ NOTE: 20240815: drop this entry after bullseye 11.11 is out on 2024-08-31 (Beuc/front-desk)
+--
linux (Ben Hutchings)
NOTE: 20230111: perma-added for LTS package-specific delegation (bwh)
--
@@ -130,6 +146,10 @@ nova (Thomas Goirand)
NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
NOTE: 20240815: zigo prepared bullseye packages, cf. http://osbpo.debian.net/deb-status/ (Beuc/front-desk)
--
+nsis
+ NOTE: 20240815: Added by Front-Desk (Beuc)
+ NOTE: 20240815: Follow fixes from bookworm 12.6 (CVE-2023-37378) (Beuc/front-desk)
+--
php-horde-mime-viewer (Mike Gabriel)
NOTE: 20220622: Added by stable Security Team (jmm)
NOTE: 20240815: considered for EOL, sunweaver to work on an update
@@ -209,6 +229,10 @@ squid
NOTE: 20240308: the fix for CVE-2023-5824 is kind of intrusive. (apo)
NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
--
+systemd
+ NOTE: 20240815: Added by Front-Desk (Beuc)
+ NOTE: 20240815: Follow fixes from bookworm 12.5 and 12.6 (3 CVEs) (Beuc/front-desk)
+--
tinyproxy
NOTE: 20240815: Added by oldstable Security Team (jmm)
--
@@ -225,7 +249,7 @@ upx-ucl
--
wireshark
NOTE: 20240815: Added by Front-Desk (Beuc)
- NOTE: 20240815: bullseye currently lags behind lacking fixes present in both buster and bullseye (Beuc/front-desk)
+ NOTE: 20240815: bullseye currently lags behind lacking fixes present in both buster and bookworm (Beuc/front-desk)
--
zabbix
NOTE: 20240126: Added by oldstable Security Team (jmm)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378d7743a249f4414e01c1e8525b716cd1d6e0a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378d7743a249f4414e01c1e8525b716cd1d6e0a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240812/efefee67/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list