[Git][security-tracker-team/security-tracker][master] Reserve DLA-4201-1 for libvpx

[Adrian Bunk (@bunk)]

Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8be81802 by Adrian Bunk at 2025-05-31T23:46:53+03:00
Reserve DLA-4201-1 for libvpx

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 May 2025] DLA-4201-1 libvpx - security update
+	{CVE-2025-5283}
+	[bullseye] - libvpx 1.9.0-1+deb11u4
 [31 May 2025] DLA-4200-1 symfony - security update
 	{CVE-2024-50343 CVE-2024-50345}
 	[bullseye] - symfony 4.4.19+dfsg-2+deb11u7


=====================================
data/dla-needed.txt
=====================================
@@ -204,9 +204,6 @@ libstring-compare-constanttime-perl
   NOTE: 20250430: with it. At least not until we have either decided to revert the patch landing in trixie or accept
   NOTE: 20250430: it. Context in https://github.com/hoytech/String-Compare-ConstantTime/pull/21
 --
-libvpx (Adrian Bunk)
-  NOTE: 20250529: Added by Front-Desk (pochu)
---
 libxmltok
   NOTE: 20250421: Added by Front-Desk (ta)
   NOTE: 20250421: Also review all other expat CVEs. (bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8be81802100dde5b0b59927efd6af8bfe9748ca3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8be81802100dde5b0b59927efd6af8bfe9748ca3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250531/e7ee2d62/attachment-0001.htm>