[Git][security-tracker-team/security-tracker][master] Reserve DLA-4151-1 for golang-github-gorilla-csrf

[Andrej Shadura (@andrewsh)]

Andrej Shadura pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff5f0c84 by Andrej Shadura at 2025-05-01T11:12:58+02:00
Reserve DLA-4151-1 for golang-github-gorilla-csrf

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 May 2025] DLA-4151-1 golang-github-gorilla-csrf - security update
+	{CVE-2025-24358}
+	[bullseye] - golang-github-gorilla-csrf 1.6.2-2+deb11u1
 [01 May 2025] DLA-4150-1 u-boot - security update
 	{CVE-2019-14196 CVE-2022-2347 CVE-2022-30552 CVE-2022-30767 CVE-2022-30790 CVE-2022-33103 CVE-2022-33967 CVE-2022-34835 CVE-2024-57254 CVE-2024-57255 CVE-2024-57256 CVE-2024-57257 CVE-2024-57258 CVE-2024-57259}
 	[bullseye] - u-boot 2021.01+dfsg-5+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -105,10 +105,6 @@ gimp
 glewlwyd
   NOTE: 20250312: Added by Front-Desk; CVE-2024-25715 to be fixed (lamby)
 --
-golang-github-gorilla-csrf (andrewsh)
-  NOTE: 20250422: Added by Front-Desk (rouca)
-  NOTE: 20250422: Need to binNMU reverse depends (in that order): golang-github-alecthomas-chroma, golang-github-niklasfasching-go-org, golang-github-yuin-goldmark-highlighting, hugo (rouca)
---
 grub2
   NOTE: 20250105: Added by Front-Desk (apo)
   NOTE: 20250105: high-profile package but not enough details yet. (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5f0c84598ba3425b43661f2b37fa6cb8b75f75

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5f0c84598ba3425b43661f2b37fa6cb8b75f75
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250501/26064a84/attachment-0001.htm>