[Git][security-tracker-team/security-tracker][master] 2 commits: lts: add libarchive
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Thu Oct 31 14:08:52 GMT 2024
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
15b5eb40 by Emilio Pozuelo Monfort at 2024-10-31T15:07:59+01:00
lts: add libarchive
- - - - -
106a633a by Emilio Pozuelo Monfort at 2024-10-31T15:08:00+01:00
Correct libyang triaging for bullseye
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -131415,17 +131415,17 @@ CVE-2023-26918 (Diasoft File Replication Pro 7.5.0 allows attackers to escalate
NOT-FOR-US: Diasoft File Replication Pro
CVE-2023-26917 (libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL poin ...)
- libyang 3.4.2+dfsg-2 (bug #989060)
+ [bullseye] - libyang <no-dsa> (Minor issue)
- libyang2 2.1.148-0.1 (bug #1034724)
[bookworm] - libyang2 <ignored> (Minor issue)
- [bullseye] - libyang2 <no-dsa> (Minor issue)
NOTE: https://github.com/CESNET/libyang/issues/1987
NOTE: https://github.com/CESNET/libyang/commit/cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090 (v2.1.55)
NOTE: src:libyang was removed and later re-introduced as src:libyang with version 3
CVE-2023-26916 (libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL poin ...)
- libyang 3.4.2+dfsg-2 (bug #989060)
+ [bullseye] - libyang <no-dsa> (Minor issue)
- libyang2 2.1.148-0.1 (bug #1034154)
[bookworm] - libyang2 <ignored> (Minor issue)
- [bullseye] - libyang2 <no-dsa> (Minor issue)
NOTE: https://github.com/CESNET/libyang/issues/1979
NOTE: https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096 (v2.1.55)
NOTE: src:libyang was removed and later re-introduced as src:libyang with version 3
=====================================
data/dla-needed.txt
=====================================
@@ -87,6 +87,10 @@ intel-mediasdk (tobi)
knot-resolver
NOTE: 20240924: Added by Front-Desk (lamby)
--
+libarchive
+ NOTE: 20241031: Added by Front-Desk (pochu)
+ NOTE: 20241031: look at no-dsa issues as well (pochu)
+--
libvirt (Thorsten Alteholz)
NOTE: 20240826: Added by Front-Desk (ta)
NOTE: 20241019: more testing needed
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab926472dee4bef5568e94a7f918c901276aebad...106a633a02ed1dad5e6cb28b5ac33fa55707fac4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab926472dee4bef5568e94a7f918c901276aebad...106a633a02ed1dad5e6cb28b5ac33fa55707fac4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241031/35ae552c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list