[Git][security-tracker-team/security-tracker][master] Reserve DLA-3875-1 for gnutls28
Guilhem Moulin (@guilhem)
guilhem at debian.org
Thu Sep 5 00:00:42 BST 2024
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1cdb31c9 by Guilhem Moulin at 2024-09-05T00:53:17+02:00
Reserve DLA-3875-1 for gnutls28
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -49755,7 +49755,6 @@ CVE-2024-28835 (A flaw has been discovered in GnuTLS where an application crash
[experimental] - gnutls28 3.8.4-1
- gnutls28 3.8.4-2 (bug #1067463)
[bookworm] - gnutls28 3.7.9-2+deb12u3
- [bullseye] - gnutls28 <no-dsa> (Minor issue)
[buster] - gnutls28 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2269084
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1525
@@ -49768,7 +49767,6 @@ CVE-2024-28834 (A flaw was found in GnuTLS. The Minerva attack is a cryptographi
[experimental] - gnutls28 3.8.4-1
- gnutls28 3.8.4-2 (bug #1067464)
[bookworm] - gnutls28 3.7.9-2+deb12u3
- [bullseye] - gnutls28 <no-dsa> (Minor issue)
[buster] - gnutls28 <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1516
NOTE: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Sep 2024] DLA-3875-1 gnutls28 - security update
+ {CVE-2024-28834 CVE-2024-28835}
+ [bullseye] - gnutls28 3.7.1-5+deb11u6
[05 Sep 2024] DLA-3874-1 nsis - security update
{CVE-2023-37378}
[bullseye] - nsis 3.06.1-1+deb11u1
=====================================
data/dla-needed.txt
=====================================
@@ -97,10 +97,6 @@ glewlwyd
NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007884
NOTE: 20240815: maintainer (babelouest) plans to do a LTS upload as well (Beuc/front-desk)
--
-gnutls28 (guilhem)
- NOTE: 20240815: Added by Front-Desk (Beuc)
- NOTE: 20240815: Follow fixes from bookworm 12.6 (2 CVEs + other security fixes without CVE) (Beuc/front-desk)
---
libvirt (Thorsten Alteholz)
NOTE: 20240826: Added by Front-Desk (ta)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cdb31c920bb77be2c8fa462aba5c8ca76df4396
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cdb31c920bb77be2c8fa462aba5c8ca76df4396
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240904/405d8702/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list