[Git][security-tracker-team/security-tracker][master] Reserve DLA-3947-1 for puma

Abhijith PA (@abhijith) abhijith at debian.org
Wed Nov 6 11:37:01 GMT 2024 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fff593af by Abhijith PA at 2024-11-06T17:06:40+05:30
Reserve DLA-3947-1 for puma

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -82794,7 +82794,6 @@ CVE-2024-21650 (XWiki Platform is a generic wiki platform offering runtime servi
 CVE-2024-21647 (Puma is a web server for Ruby/Rack applications built for parallelism. ...)
 	- puma 6.4.2-1 (bug #1060345)
 	[bookworm] - puma <no-dsa> (Minor issue)
-	[bullseye] - puma <no-dsa> (Minor issue)
 	[buster] - puma <no-dsa> (Minor issue)
 	NOTE: https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2
 	NOTE: https://github.com/puma/puma/commit/bbb880ffb6debbfdea535b4b3eb2204d49ae151d (v5.6.8)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Nov 2024] DLA-3947-1 puma - security update
+	{CVE-2024-21647 CVE-2024-45614}
+	[bullseye] - puma 4.3.8-1+deb11u3
 [05 Nov 2024] DLA-3946-1 context - bugfix update
 	[bullseye] - context 2020.03.10.20200331-1+deb11u1
 [05 Nov 2024] DLA-3945-1 libheif - security update


=====================================
data/dla-needed.txt
=====================================
@@ -131,11 +131,6 @@ proftpd-dfsg (dleidert)
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: Follow fixes from bookworm 12.5 (2 CVEs) (Beuc/front-desk)
 --
-puma (abhijith)
-  NOTE: 20240922: Added by Front-Desk (apo)
-  NOTE: 20241014: Looking at a autopkgtest failure(abhijith)
-  NOTE: 20241104: https://people.debian.org/~abhijith/reports/LTS_ELTS-October-2024.txt (abhijith)
---
 pypy3 (andrewsh)
   NOTE: 20240930: Added by Front-Desk (Beuc)
   NOTE: 20240930: Follow fixes from bookworm 12.6 (4 CVEs) (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fff593af32792e2dee2fb6c751d84aaea2e4d50d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fff593af32792e2dee2fb6c751d84aaea2e4d50d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241106/56228031/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list