[Git][security-tracker-team/security-tracker][master] Reserve DLA-3765-1 for cacti

Mon Mar 18 17:46:54 GMT 2024


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d8aeddc1 by Sylvain Beucler at 2024-03-18T18:46:31+01:00
Reserve DLA-3765-1 for cacti

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Mar 2024] DLA-3765-1 cacti - security update
+	{CVE-2023-39357 CVE-2023-39360 CVE-2023-39361 CVE-2023-39362 CVE-2023-39364 CVE-2023-39365 CVE-2023-39513 CVE-2023-39515 CVE-2023-39516 CVE-2023-49084 CVE-2023-49085 CVE-2023-49086 CVE-2023-49088}
+	[buster] - cacti 1.2.2+ds1-2+deb10u6
 [18 Mar 2024] DLA-3764-1 postgresql-11 - security update
 	{CVE-2024-0985}
 	[buster] - postgresql-11 11.22-0+deb10u2


=====================================
data/dla-needed.txt
=====================================
@@ -38,20 +38,6 @@ bind9
   NOTE: 20240218: Added by Front-Desk (lamby)
   NOTE: 20240218: CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 CVE-2023-5517 CVE-2023-5679 already fixed in bullseye. (lamby)
 --
-cacti (Sylvain Beucler)
-  NOTE: 20230906: Added by Front-Desk (lamby)
-  NOTE: 20231205: Triaging CVEs backlog (Beuc)
-  NOTE: 20231218: Keep triaging CVEs backlog (Beuc)
-  NOTE: 20240102: Triage more CVEs backlog, fix a couple bullseye triage, sync with maintainer (Beuc)
-  NOTE: 20240112: No progress as I've been busy on other tasks, but all bugs are minor so far (Beuc)
-  NOTE: 20240123: Backport patches, report duplicate to MITRE (CVE-2023-50569) (Beuc)
-  NOTE: 20240131: Tidy https://salsa.debian.org/debian/cacti/-/tree/buster?ref_type=heads (Beuc)
-  NOTE: 20240219: Backport patches, update patch commits (Beuc)
-  NOTE: 20240222: Coordinating with maintainer to prepare bullseye&bookworm updates (Beuc)
-  NOTE: 20240222: Reported incomplete fix upstream (Beuc)
-  NOTE: 20240227: Sent debdiffs for buster/bullseye/bookworm to maintainer+secteam; no news from upstream yet (Beuc)
-  NOTE: 20240315: Final (hopefully) debdiffs sent for upcoming DSA, buster update ready; still no news from upstream (Beuc)
---
 composer (rouca)
   NOTE: 20240209: Added by Front-Desk (utkarsh)
   NOTE: 20240304: Need to backport bullseye (rouca)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8aeddc13786c746ba3ea187d395c19bc87ff85c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8aeddc13786c746ba3ea187d395c19bc87ff85c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240318/7d42fdbb/attachment-0001.htm>
