[Git][security-tracker-team/security-tracker][master] Reserve DLA-4306-1 for pam
Bastien Roucariès (@rouca)
rouca at debian.org
Sun Sep 21 13:52:47 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c5e34c7b by Bastien Roucariès at 2025-09-21T14:52:32+02:00
Reserve DLA-4306-1 for pam
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -183703,7 +183703,6 @@ CVE-2024-22365 (linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause
[experimental] - pam 1.5.3-2
- pam 1.5.3-4 (bug #1061097)
[bookworm] - pam <no-dsa> (Minor issue)
- [bullseye] - pam <no-dsa> (Minor issue)
[buster] - pam <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2024/01/18/3
NOTE: https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb (v1.6.0)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Sep 2025] DLA-4306-1 pam - security update
+ {CVE-2024-22365 CVE-2025-6020}
+ [bullseye] - pam 1.4.0-9+deb11u2
[19 Sep 2025] DLA-4305-1 firefox-esr - security update
{CVE-2025-10527 CVE-2025-10528 CVE-2025-10529 CVE-2025-10532 CVE-2025-10533 CVE-2025-10536 CVE-2025-10537}
[bullseye] - firefox-esr 140.3.0esr-1~deb11u2
=====================================
data/dla-needed.txt
=====================================
@@ -311,10 +311,6 @@ pagure
NOTE: 20250216: The second issue is outside of my field of expertise. Returning to pool and send message to list (dleidert)
NOTE: 20250217: Upcoming DSA, coordinate with security team (Beuc/front-desk)
--
-pam (rouca)
- NOTE: 20250707: Added by Front-Desk (apo)
- NOTE: 20250806: Waiting for review (rouca)
---
pgagent
NOTE: 20250117: Added by Front-Desk (rouca)
NOTE: 20250619: https://people.debian.org/~abhijith/upload/gss/CVE-2025-0218.patch (abhijith)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5e34c7b572ab4fd92ac4260fc8132e7d41a7e01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5e34c7b572ab4fd92ac4260fc8132e7d41a7e01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250921/bcd6fd59/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list