[Git][security-tracker-team/security-tracker][master] 2 commits: Claim edk2 and docker.io in dla-needed.txt

Thu Jun 27 17:38:14 BST 2024


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
753f5e94 by Markus Koschany at 2024-06-27T18:35:52+02:00
Claim edk2 and docker.io in dla-needed.txt

- - - - -
48c569e6 by Markus Koschany at 2024-06-27T18:37:56+02:00
Reserve DLA-3845-1 for dlt-daemon

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Jun 2024] DLA-3845-1 dlt-daemon - security update
+	{CVE-2022-39836 CVE-2022-39837 CVE-2023-26257 CVE-2023-36321}
+	[buster] - dlt-daemon 2.18.0-1+deb10u2
 [26 Jun 2024] DLA-3844-1 git - security update
 	{CVE-2019-1387 CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 CVE-2024-32002 CVE-2024-32004 CVE-2024-32021 CVE-2024-32465}
 	[buster] - git 1:2.20.1-2+deb10u9


=====================================
data/dla-needed.txt
=====================================
@@ -49,13 +49,6 @@ cyrus-imapd
 dcmtk (Adrian Bunk)
   NOTE: 20240428: Added by Front-Desk (ta)
 --
-dlt-daemon (Markus Koschany)
-  NOTE: 20240519: Added by Front-Desk (utkarsh)
-  NOTE: 20240519: 1 buffer-overflow, 1 memory leak, and 2 crashes. I think we
-  NOTE: 20240519: can postpone these but I am in split mind. Will take it myself
-  NOTE: 20240519: and decide further. (utkarsh)
-  NOTE: 20240610: somebody should take it from here. (utkarsh)
---
 dns-root-data (santiago)
   NOTE: 20240607: Added by coordinator (santiago)
   NOTE: 20240607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054393
@@ -67,7 +60,7 @@ dnsmasq
   NOTE: 20240327: Claimed by lamby, started thread on deblts-team. (lamby)
   NOTE: 20240403: Re-assigned back to dleidert; see thread on deblts-team list. (lamby)
 --
-docker.io
+docker.io (Markus Koschany)
   NOTE: 20230303: Added by Front-Desk (Beuc)
   NOTE: 20230303: Follow fixes from bullseye 11.2 (3 CVEs) (Beuc/front-desk)
   NOTE: 20230424: Is in preparation. (gladk)
@@ -85,7 +78,7 @@ dogecoin
   NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix;
   NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk)
 --
-edk2
+edk2 (Markus Koschany)
   NOTE: 20231230: Added by Front-Desk (lamby)
   NOTE: 20231230: CVE-2019-11098 fixed via bullseye 11.2 (lamby)
   NOTE: 20240312: CVE-2023-48733 fixed via DSA-5624-1 (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ebcf4e1fac473a2b3644d2510dd9f813c925583...48c569e6a2c215afff86dac6527b1b68ef2fd5ee

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ebcf4e1fac473a2b3644d2510dd9f813c925583...48c569e6a2c215afff86dac6527b1b68ef2fd5ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240627/b9df54a3/attachment-0001.htm>
