[Git][security-tracker-team/security-tracker][master] Reserve DLA-3910-1 for e2fsprogs

Fri Oct 4 14:44:26 BST 2024


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
939e67bb by Adrian Bunk at 2024-10-04T16:44:12+03:00
Reserve DLA-3910-1 for e2fsprogs

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -196996,7 +196996,6 @@ CVE-2022-1305 (Use after free in storage in Google Chrome prior to 100.0.4896.88
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1304 (An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46. ...)
 	- e2fsprogs 1.46.6~rc1-1 (bug #1010263)
-	[bullseye] - e2fsprogs <no-dsa> (Minor issue)
 	[buster] - e2fsprogs <no-dsa> (Minor issue)
 	[stretch] - e2fsprogs <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2069726


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[04 Oct 2024] DLA-3910-1 e2fsprogs - security update
+	{CVE-2022-1304}
+	[bullseye] - e2fsprogs 1.46.2-2+deb11u1
 [03 Oct 2024] DLA-3909-1 zabbix - security update
 	{CVE-2022-23132 CVE-2022-23133 CVE-2022-24349 CVE-2022-24917 CVE-2022-24918 CVE-2022-24919 CVE-2022-35229 CVE-2022-35230 CVE-2022-43515 CVE-2023-29449 CVE-2023-29450 CVE-2023-29454 CVE-2023-29455 CVE-2023-29456 CVE-2023-29457 CVE-2023-29458 CVE-2023-32721 CVE-2023-32722 CVE-2023-32724 CVE-2023-32726 CVE-2023-32727 CVE-2024-22114 CVE-2024-22116 CVE-2024-22119 CVE-2024-22122 CVE-2024-22123 CVE-2024-36460 CVE-2024-36461}
 	[bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -61,10 +61,6 @@ dnsmasq
 docker.io
   NOTE: 20240922: Added by Front-Desk (apo)
 --
-e2fsprogs (Adrian Bunk)
-  NOTE: 20241002: Added by coordinator (santiago)
-  NOTE: 20241002: A sponsor requested a fix for CVE-2022-1304 (santiago)
---
 edk2
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: bullseye did not get most of DSA 5624-1 security fixes,



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/939e67bb9aff987e74ad74b4ee67c56d5a8f400f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/939e67bb9aff987e74ad74b4ee67c56d5a8f400f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241004/6580afd8/attachment.htm>
