[Git][security-tracker-team/security-tracker][master] 2 commits: lts: claim flightgear and simgear
Tobias Quathamer (@toddy)
toddy at debian.org
Wed Jan 29 12:53:12 GMT 2025
Tobias Quathamer pushed to branch master at Debian Security Tracker / security-tracker
Commits:
072e6c2d by Dr. Tobias Quathamer at 2025-01-29T13:52:54+01:00
lts: claim flightgear and simgear
- - - - -
982913b3 by Dr. Tobias Quathamer at 2025-01-29T13:52:55+01:00
Add info about backported patches for flightgear and simgear
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -734,6 +734,8 @@ CVE-2025-0781 (An attacker can bypass the sandboxing of Nasal scripts and arbitr
[bullseye] - simgear <no-dsa> (Minor issue)
NOTE: Fixed by: https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358
NOTE: Fixed by: https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8
+ NOTE: Backported patch for 2020.3.6: https://gitlab.com/frougon/flightgear-flightgear/-/commit/cf99dc921aadab502ff90a1dd943d8bbb897de91
+ NOTE: Backported patch for 2020.3.6: https://gitlab.com/frougon/flightgear-simgear/-/commit/f2e8c8ce3925e62275d97d46c73c32cbc864d80b
CVE-2024-31906 (IBM Automation Decision Services 23.0.2 allows web pages to be stored ...)
NOT-FOR-US: IBM
CVE-2024-13505 (The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Si ...)
=====================================
data/dla-needed.txt
=====================================
@@ -77,7 +77,7 @@ espeak-ng
NOTE: 20241014: Still looking at the incomplete fixes (abhijith)
NOTE: 20241104: haven't spend time to look in to it. Will look after fixing puma (abhijith)
--
-flightgear (Emilio)
+flightgear (Tobias Quathamer)
NOTE: 20250129: Added by Front-Desk (pochu)
NOTE: 20250129: maintainer will upload a fixed package (pochu)
--
@@ -228,7 +228,7 @@ shadow
NOTE: 20250105: shadow is a high-profile package. Upstream discussion for CVE-2024-56433 is
NOTE: 20250105: ongoing. I'm adding it to dla-needed.txt to keep it on our radar.
--
-simgear (Emilio)
+simgear (Tobias Quathamer)
NOTE: 20250129: Added by Front-Desk (pochu)
NOTE: 20250129: maintainer will upload a fixed package (pochu)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12ade3c5e918df8e571bfcc5466d93a43939bcd6...982913b3d4ba98c82c4f7bf83fdcb5fc7c971408
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12ade3c5e918df8e571bfcc5466d93a43939bcd6...982913b3d4ba98c82c4f7bf83fdcb5fc7c971408
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250129/ff64e977/attachment.htm>
More information about the debian-security-tracker-commits
mailing list