[Git][security-tracker-team/security-tracker][master] Reserve DLA-3993-1 for pgpool2

Abhijith PA (@abhijith) abhijith at debian.org
Thu Dec 12 12:20:13 GMT 2024 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7712d8c6 by Abhijith PA at 2024-12-12T17:49:38+05:30
Reserve DLA-3993-1 for pgpool2

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -159278,7 +159278,6 @@ CVE-2023-22333 (Cross-site scripting vulnerability in EasyMail 2.00.130 and earl
 	NOT-FOR-US: EasyMail
 CVE-2023-22332 (Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4. ...)
 	- pgpool2 4.3.5-1 (bug #1030048)
-	[bullseye] - pgpool2 <no-dsa> (Minor issue)
 	[buster] - pgpool2 <postponed> (Minor issue, restricted system account password hash leak to authentified users)
 	NOTE: https://www.pgpool.net/mediawiki/index.php/Main_Page#News
 CVE-2023-22324 (SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5. ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[12 Dec 2024] DLA-3993-1 pgpool2 - security update
+	{CVE-2023-22332 CVE-2024-45624}
+	[bullseye] - pgpool2 4.1.4-3+deb11u1
 [12 Dec 2024] DLA-3992-1 libsoup2.4 - security update
 	{CVE-2024-52530 CVE-2024-52531 CVE-2024-52532}
 	[bullseye] - libsoup2.4 2.72.0-2+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -143,11 +143,6 @@ opensc (guilhem)
   NOTE: 20240815: Follow fixes from buster DLA-3463-1 (5 CVEs) and bookworm 12.4 (2 CVEs) (Beuc/front-desk)
   NOTE: 20241209: More tests needed
 --
-pgpool2
-  NOTE: 20240915: Added by Front-Desk (ta)
-  NOTE: 20241123: Backported patches for all open issues (abhijith)
-  NOTE: 20241123: https://people.debian.org/~abhijith/upload/pg2/ (abhijith)
---
 php-laravel-framework (Chris Lamb)
   NOTE: 20241211: Added by Front-Desk (lamby)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7712d8c689b99a6a2a3a64b25ab94883ed267216

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7712d8c689b99a6a2a3a64b25ab94883ed267216
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241212/fab76ede/attachment.htm>

More information about the debian-security-tracker-commits mailing list