Andreas Rönnquist pushed to branch master at Debian Security Tracker / security-tracker
Commits: e3bd4b37 by Andreas Rönnquist at 2022-06-20T15:17:45+02:00 sleuthkit DLA - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -162471,7 +162471,6 @@ CVE-2020-10232 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a {DLA-2137-1} - sleuthkit 4.9.0+dfsg-2 (low; bug #953976) [buster] - sleuthkit 4.6.5-1+deb10u1 - [stretch] - sleuthkit <no-dsa> (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/issues/1836 NOTE: https://github.com/sleuthkit/sleuthkit/commit/459ae818fc8dae717549810150de4d191ce158f1 CVE-2020-10231 (TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_17 ...) @@ -245596,7 +245595,6 @@ CVE-2018-19498 (The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs. ...) {DLA-1610-1} - sleuthkit 4.6.5-1 (low; bug #914796) - [stretch] - sleuthkit <no-dsa> (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374 NOTE: https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d CVE-2018-19496 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[20 Jun 2022] DLA-3054-1 sleuthkit - security update + {CVE-2017-13755 CVE-2017-13756 CVE-2017-13760 CVE-2018-19497 CVE-2020-10232 CVE-2020-1010065} + [stretch] - sleuthkit 4.4.0-5+deb9u1 [20 Jun 2022] DLA-3053-1 vim - security update {CVE-2021-3903 CVE-2022-0417 CVE-2022-0943 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2124 CVE-2022-2126} [stretch] - vim 2:8.0.0197-4+deb9u7 ===================================== data/dla-needed.txt ===================================== @@ -284,10 +284,6 @@ samba NOTE: 20220110: fix applied, but will need a second opinion. (utkarsh) NOTE: 20220125: ftbfs, wip. (utkarsh) -- -sleuthkit (Andreas Rönnquist) - NOTE: 20220529: Programming language: C++. - NOTE: 20220524: Follow buster: harmonize with with Debian 10.0 and 10.7 (2 CVEs) (Beuc/front-desk) --- slurm-llnl NOTE: 20220529: Programming language: C. NOTE: 20220516: Checking the code it looks like the patches will apply so the code is clearly vulnerable. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3bd4b37f84b07fad8e69d2ae03b9b2a47802762 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3bd4b37f84b07fad8e69d2ae03b9b2a47802762 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits