[Git][security-tracker-team/security-tracker][master] Reserve DLA-3874-1 for nsis

Daniel Leidert (@dleidert) dleidert at debian.org
Wed Sep 4 23:24:07 BST 2024 


Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fe416150 by Daniel Leidert at 2024-09-05T00:23:48+02:00
Reserve DLA-3874-1 for nsis

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -97511,7 +97511,6 @@ CVE-2023-37378 (Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles
 	{DLA-3483-1}
 	- nsis 3.09-1 (bug #1040880)
 	[bookworm] - nsis 3.08-3+deb12u1
-	[bullseye] - nsis <no-dsa> (Minor issue)
 	NOTE: https://github.com/kichik/nsis/commit/c40cf78994e74a1a3a381a850c996b251e3277c0 (v309)
 	NOTE: https://github.com/kichik/nsis/commit/409b5841479c44fbf33a6ba97c1146e46f965467 (v309)
 	NOTE: https://github.com/kichik/nsis/commit/281e2851fe669d10e0650fc89d0e7fb74a598967 (v309)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Sep 2024] DLA-3874-1 nsis - security update
+	{CVE-2023-37378}
+	[bullseye] - nsis 3.06.1-1+deb11u1
 [05 Sep 2024] DLA-3873-1 nova - security update
 	{CVE-2024-32498 CVE-2024-40767}
 	[bullseye] - nova 2:22.4.0-1~deb11u5


=====================================
data/dla-needed.txt
=====================================
@@ -123,11 +123,6 @@ nodejs
   NOTE: 20240815: A bookworm DSA is planned
   NOTE: 20240815: coordinate bullseye DLA with aron (Beuc/front-desk)
 --
-nsis (dleidert)
-  NOTE: 20240815: Added by Front-Desk (Beuc)
-  NOTE: 20240815: Follow fixes from bookworm 12.6 (CVE-2023-37378) (Beuc/front-desk)
-  NOTE: 20240829: Waiting for LTS upload queue (dleidert)
---
 nss (arturo)
   NOTE: 20240825: Added by Front-Desk (ta)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe416150e3ea755b176dbc9ec575a829ad171933

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe416150e3ea755b176dbc9ec575a829ad171933
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240904/6e3ce703/attachment.htm>

More information about the debian-security-tracker-commits mailing list