[Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 25 22:50:01 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
efeaf0aa by Salvatore Bonaccorso at 2024-07-25T23:49:17+02:00
Reserve DSA number for bind9 update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -353,6 +353,7 @@ CVE-2024-1737 (Resolver caches and authoritative zone databases that hold signif
NOTE: RRset limits in zones: https://kb.isc.org/docs/rrset-limits-in-zones
CVE-2024-0760 (A malicious client can send many DNS messages over TCP, potentially ca ...)
- bind9 1:9.20.0-1
+ [bookworm] - bind9 1:9.18.28-1~deb12u1
[bullseye] - bind9 <not-affected> (Vulnerable code introduced in 9.18 branch)
NOTE: https://kb.isc.org/docs/cve-2024-0760
CVE-2024-6913 (Execution with unnecessary privileges in PerkinElmer ProcessPlus allow ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[25 Jul 2024] DSA-5734-1 bind9 - security update
+ {CVE-2024-1737 CVE-2024-1975 CVE-2024-4076}
+ [bullseye] - bind9 1:9.16.50-1~deb11u1
+ [bookworm] - bind9 1:9.18.28-1~deb12u1
[18 Jul 2024] DSA-5733-1 thunderbird - security update
{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604}
[bullseye] - thunderbird 1:115.13.0-1~deb11u1
=====================================
data/dsa-needed.txt
=====================================
@@ -11,9 +11,6 @@ To pick an issue, simply add your uid behind it.
If needed, specify the release by adding a slash after the name of the source package.
---
-bind9 (carnil)
- Maintainer prepared an update for review and DSA release
--
cacti
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efeaf0aa2dee996d13c8960ccd049131990c79de
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efeaf0aa2dee996d13c8960ccd049131990c79de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240725/9febcd44/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list