[Git][security-tracker-team/security-tracker][master] Noted reason for a few revert decisions in dla-needed for buster.

Ola Lundqvist (@opal) opal at debian.org
Tue Mar 12 19:40:57 GMT 2024 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3e1a0971 by Ola Lundqvist at 2024-03-12T20:40:41+01:00
Noted reason for a few revert decisions in dla-needed for buster.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -54,6 +54,7 @@ cacti (Sylvain Beucler)
 cinder
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder.
+  NOTE: 20240311: CVE-2020-10755 is fixed in bullseye
 --
 composer (rouca)
   NOTE: 20240209: Added by Front-Desk (utkarsh)
@@ -74,6 +75,7 @@ docker.io
   NOTE: 20230706: ask for review testing https://lists.debian.org/debian-lts/2023/07/msg00013.html
   NOTE: 20230801: rouca and santiago testing the swarm overlay network (including current buster version)
   NOTE: 20240213: CVE-2024-24557 patch does not directly apply and lack of reproducer test case
+  NOTE: 20230311: Reverted decision to remove from this file since three CVEs are in bullseye.
 --
 dogecoin
   NOTE: 20230619: Added by Front-Desk (Beuc)
@@ -188,6 +190,7 @@ nvidia-cuda-toolkit
   NOTE: 20230514: piled up. (utkarsh)
   NOTE: 20230610: Details: https://lists.debian.org/debian-lts/2023/06/msg00032.html
   NOTE: 20230610: my recommendation would be to put the package on the "not-supported" list. (tobi)
+  NOTE: 20240311: CVE-2020-5991 is fixed in bullseye. However email sent to suggest removal of support.
 --
 nvidia-graphics-drivers
   NOTE: 20240303: Added by Front-Desk (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e1a0971cd2ab97ef0e8eb9036646adbe58dc497

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e1a0971cd2ab97ef0e8eb9036646adbe58dc497
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240312/a5443559/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list