[Git][security-tracker-team/security-tracker][master] Reserve DLA-4180-1 for pgbouncer

Andreas Henriksson (@ah) gitlab at salsa.debian.org
Tue May 27 08:41:41 BST 2025 


Andreas Henriksson pushed to branch master at Debian Security Tracker / security-tracker


Commits:
312f00ad by Andreas Henriksson at 2025-05-27T09:41:06+02:00
Reserve DLA-4180-1 for pgbouncer

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -304229,7 +304229,6 @@ CVE-2021-3936
 CVE-2021-3935 (When PgBouncer is configured to use "cert" authentication, a man-in-th ...)
 	{DLA-2922-1}
 	- pgbouncer 1.16.1-1
-	[bullseye] - pgbouncer <no-dsa> (Minor issue; can be fixed via point release)
 	[buster] - pgbouncer <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://www.pgbouncer.org/2021/11/pgbouncer-1-16-1
 	NOTE: https://github.com/pgbouncer/pgbouncer/releases/tag/pgbouncer_1_16_1


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 May 2025] DLA-4180-1 pgbouncer - security update
+	{CVE-2021-3935 CVE-2025-2291}
+	[bullseye] - pgbouncer 1.15.0-1+deb11u1
 [26 May 2025] DLA-4179-1 libavif - security update
 	{CVE-2025-48174 CVE-2025-48175}
 	[bullseye] - libavif 0.8.4-2+deb11u2


=====================================
data/dla-needed.txt
=====================================
@@ -332,10 +332,6 @@ pagure
 pgagent
   NOTE: 20250117: Added by Front-Desk (rouca)
 --
-pgbouncer (ah)
-  NOTE: 20250422: Added by Front-Desk (rouca)
-  NOTE: 20250526: https://salsa.debian.org/postgresql/pgbouncer/-/merge_requests/3 (ah)
---
 pgpool2
   NOTE: 20250520: Added by Front-Desk (Beuc)
   NOTE: 20250520: Upcoming DSA.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/312f00ad58534cb0ec0ff3786784e58e618d22bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/312f00ad58534cb0ec0ff3786784e58e618d22bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250527/0c83ca75/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list