[Git][security-tracker-team/security-tracker][master] Reserve DLA-4062-1 for python-werkzeug
Chris Lamb (@lamby)
lamby at debian.org
Fri Feb 21 12:48:26 GMT 2025
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6759034b by Chris Lamb at 2025-02-21T12:48:00+00:00
Reserve DLA-4062-1 for python-werkzeug
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -81080,7 +81080,6 @@ CVE-2024-34078 (html-sanitizer is an allowlist-based HTML cleaner. If using `kee
CVE-2024-34069 (Werkzeug is a comprehensive WSGI web application library. The debugger ...)
- python-werkzeug 3.0.3-1 (bug #1070711)
[bookworm] - python-werkzeug 2.2.2-3+deb12u1
- [bullseye] - python-werkzeug <postponed> (Minor issue)
[buster] - python-werkzeug <postponed> (Minor issue)
NOTE: https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985
NOTE: Fixed by: https://github.com/pallets/werkzeug/commit/71b69dfb7df3d912e66bab87fbb1f21f83504967 (3.0.3)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Feb 2025] DLA-4062-1 python-werkzeug - security update
+ {CVE-2024-34069}
+ [bullseye] - python-werkzeug 1.0.1+dfsg1-2+deb11u2
[21 Feb 2025] DLA-4061-1 libtasn1-6 - security update
{CVE-2024-12133}
[bullseye] - libtasn1-6 4.16.0-2+deb11u2
=====================================
data/dla-needed.txt
=====================================
@@ -228,11 +228,6 @@ phpmyadmin (Chris Lamb)
NOTE: 20250209: Added by Front-Desk (apo)
NOTE: 20250219: Packaged prepared on salsa. (lamby)
--
-python-werkzeug (Chris Lamb)
- NOTE: 20250209: Added by Front-Desk (apo)
- NOTE: 20250209: CVE-2024-34069 was already fixed in bookworm. (apo)
- NOTE: 20250218: Requested review. (lamby)
---
qemu
NOTE: 20240815: Added by Front-Desk (Beuc)
NOTE: 20240815: Follow fixes from bookworm 12.4 (CVE-2023-5088)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6759034bdcbc9e59c52eeb01da29279f2e8c99c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6759034bdcbc9e59c52eeb01da29279f2e8c99c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250221/68735e4b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list