[Git][security-tracker-team/security-tracker][master] Reserve DLA-4103-1 for suricata

Thorsten Alteholz (@alteholz) alteholz at debian.org
Mon Mar 31 22:46:27 BST 2025 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f696f80a by Thorsten Alteholz at 2025-03-31T23:46:10+02:00
Reserve DLA-4103-1 for suricata

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -51806,7 +51806,6 @@ CVE-2024-45797 (LibHTP is a security-aware parser for the HTTP protocol and the
 CVE-2024-45796 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)
 	- suricata 1:7.0.7-1
 	[bookworm] - suricata <no-dsa> (Minor issue)
-	[bullseye] - suricata <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg
 	NOTE: https://redmine.openinfosecfoundation.org/issues/7067
 CVE-2024-45795 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)
@@ -74384,7 +74383,6 @@ CVE-2024-38534 (Suricata is a network Intrusion Detection System, Intrusion Prev
 CVE-2024-37151 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)
 	- suricata 1:7.0.6-1
 	[bookworm] - suricata <no-dsa> (Minor issue)
-	[bullseye] - suricata <no-dsa> (Minor issue)
 	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24
 	NOTE: https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0 (suricata-6.0.20)
 	NOTE: https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b (suricata-7.0.6)
@@ -95131,7 +95129,6 @@ CVE-2024-32664 (Suricata is a network Intrusion Detection System, Intrusion Prev
 CVE-2024-32663 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)
 	- suricata 1:7.0.5-1
 	[bookworm] - suricata <no-dsa> (Minor issue)
-	[bullseye] - suricata <no-dsa> (Minor issue)
 	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r
 	NOTE: https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 (suricata-6.0.19)
 	NOTE: https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 (suricata-6.0.19)
@@ -160718,7 +160715,6 @@ CVE-2023-35853 (In Suricata before 6.0.13, an adversary who controls an external
 CVE-2023-35852 (In Suricata before 6.0.13 (when there is an adversary who controls an  ...)
 	- suricata 1:6.0.13-1
 	[bookworm] - suricata <no-dsa> (Minor issue)
-	[bullseye] - suricata <no-dsa> (Minor issue)
 	[buster] - suricata <no-dsa> (Minor issue)
 	NOTE: https://github.com/OISF/suricata/commit/aee1523b4591430ebed1ded0bb95508e6717a335
 	NOTE: https://github.com/OISF/suricata/commit/735f5aa9ca3b28cfacc7a443f93a44387fbacf17
@@ -277931,7 +277927,6 @@ CVE-2021-45099 (The addon.stdin service in addon-ssh (aka Home Assistant Communi
 	NOT-FOR-US: Home Assistant Community Add-on: SSH & Web Terminal
 CVE-2021-45098 (An issue was discovered in Suricata before 6.0.4. It is possible to by ...)
 	- suricata 1:6.0.4-1
-	[bullseye] - suricata <no-dsa> (Minor issue)
 	[buster] - suricata <no-dsa> (Minor issue)
 	[stretch] - suricata <no-dsa> (Minor issue)
 	NOTE: https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Mar 2025] DLA-4103-1 suricata - security update
+	{CVE-2021-45098 CVE-2023-35852 CVE-2024-32663 CVE-2024-37151 CVE-2024-45796 CVE-2024-55626 CVE-2025-29918}
+	[bullseye] - suricata 1:6.0.1-3+deb11u1
 [31 Mar 2025] DLA-4102-1 linux-6.1 - security update
 	{CVE-2024-26596 CVE-2024-40945 CVE-2024-42069 CVE-2024-42122 CVE-2024-45001 CVE-2024-47726 CVE-2024-49989 CVE-2024-50061 CVE-2024-54458 CVE-2024-56549 CVE-2024-57834 CVE-2024-57973 CVE-2024-57978 CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986 CVE-2024-57993 CVE-2024-57996 CVE-2024-57997 CVE-2024-57998 CVE-2024-58001 CVE-2024-58007 CVE-2024-58009 CVE-2024-58010 CVE-2024-58011 CVE-2024-58013 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017 CVE-2024-58020 CVE-2024-58034 CVE-2024-58051 CVE-2024-58052 CVE-2024-58054 CVE-2024-58055 CVE-2024-58056 CVE-2024-58058 CVE-2024-58061 CVE-2024-58063 CVE-2024-58068 CVE-2024-58069 CVE-2024-58071 CVE-2024-58072 CVE-2024-58076 CVE-2024-58077 CVE-2024-58080 CVE-2024-58083 CVE-2024-58085 CVE-2024-58086 CVE-2025-21684 CVE-2025-21700 CVE-2025-21701 CVE-2025-21703 CVE-2025-21704 CVE-2025-21705 CVE-2025-21706 CVE-2025-21707 CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21716 CVE-2025-21718 CVE-2025-21719 CVE-2025-21722 CVE-2025-21724 CVE-2025-21725 CVE-2025-21726 CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21734 CVE-2025-21735 CVE-2025-21736 CVE-2025-21738 CVE-2025-21744 CVE-2025-21745 CVE-2025-21748 CVE-2025-21749 CVE-2025-21750 CVE-2025-21753 CVE-2025-21758 CVE-2025-21760 CVE-2025-21761 CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-21767 CVE-2025-21772 CVE-2025-21775 CVE-2025-21776 CVE-2025-21779 CVE-2025-21780 CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787 CVE-2025-21790 CVE-2025-21791 CVE-2025-21792 CVE-2025-21794 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799 CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811 CVE-2025-21812 CVE-2025-21814 CVE-2025-21819 CVE-2025-21820 CVE-2025-21821 CVE-2025-21823 CVE-2025-21826 CVE-2025-21829 CVE-2025-21830 CVE-2025-21832 CVE-2025-21835}
 	[bullseye] - linux-6.1 6.1.129-1~deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -288,9 +288,6 @@ sogo
   NOTE: 20240922: Added by Front-Desk (apo)
   NOTE: 20240922: See also postponed issues.
 --
-suricata (Thorsten Alteholz)
-  NOTE: 20250112: Added by Front-Desk (ta)
---
 symfony
   NOTE: 20241110: Added by Front-Desk (apo)
   NOTE: 20241120: Follow fixes from DSA-5809-1 and DSA-5813-1 (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f696f80a1c5c77642740ab673e9cacf4a7ce5a08

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f696f80a1c5c77642740ab673e9cacf4a7ce5a08
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250331/6bec7b5b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list