[Git][security-tracker-team/security-tracker][master] Reserve DSA number for less update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 3 22:08:24 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea41e677 by Salvatore Bonaccorso at 2024-05-03T23:07:39+02:00
Reserve DSA number for less update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -23820,8 +23820,6 @@ CVE-2024-24722 (An unquoted service path vulnerability in the 12d Synergy Server
 	NOT-FOR-US: 12d Synergy Server
 CVE-2022-48624 (close_altfile in filename.c in less before 606 omits shell_quote calls ...)
 	- less 590-2.1 (bug #1064293)
-	[bookworm] - less <no-dsa> (Minor issue)
-	[bullseye] - less <no-dsa> (Minor issue)
 	[buster] - less <no-dsa> (Minor issue)
 	NOTE: https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144 (v606)
 CVE-2020-36774 (plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x b ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[03 May 2024] DSA-5679-1 less - security update
+	{CVE-2022-48624 CVE-2024-32487}
+	[bullseye] - less 551-2+deb11u2
+	[bookworm] - less 590-2.1~deb12u2
 [03 May 2024] DSA-5678-1 glibc - security update
 	{CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602}
 	[bullseye] - glibc 2.31-13+deb11u10


=====================================
data/dsa-needed.txt
=====================================
@@ -28,8 +28,6 @@ gpac/oldstable
 --
 h2o (jmm)
 --
-less (carnil)
---
 libreswan (jmm)
   Maintainer prepared bookworm-security update, but needs work on bullseye-security backports
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea41e677af6cbe729715851353220d9fde709020

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea41e677af6cbe729715851353220d9fde709020
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240503/0bac3668/attachment.htm>

More information about the debian-security-tracker-commits mailing list