Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 27948f86 by Sylvain Beucler at 2022-11-11T10:43:38+01:00 CVE-2022-32149/golang-golang-x-text: buster postponed - - - - - aa2075b8 by Sylvain Beucler at 2022-11-11T10:43:39+01:00 CVE-2022-3275/puppet-module-puppetlabs-apt: buster postponed - - - - - f8ef1b71 by Sylvain Beucler at 2022-11-11T10:43:39+01:00 dla: add libstb - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -12657,6 +12657,7 @@ CVE-2022-3276 (Command injection is possible in the puppetlabs-mysql module prio CVE-2022-3275 (Command injection is possible in the puppetlabs-apt module prior to ve ...) - puppet-module-puppetlabs-apt <unfixed> (bug #1023625) [bullseye] - puppet-module-puppetlabs-apt <no-dsa> (Minor issue) + [buster] - puppet-module-puppetlabs-apt <postponed> (Minor issue, rare condition, follow buster status) NOTE: https://puppet.com/security/cve/CVE-2022-3275 NOTE: https://github.com/puppetlabs/puppetlabs-apt/commit/c26ad2a54f318b4d6fbe55f837b00cd6afd9f1eb (v9.0.0) CVE-2022-3274 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...) @@ -36863,6 +36864,7 @@ CVE-2022-32150 RESERVED CVE-2022-32149 (An attacker may cause a denial of service by crafting an Accept-Langua ...) - golang-golang-x-text 0.3.8-1 (bug #1021785) + [buster] - golang-golang-x-text <postponed> (Limited support, minor issue, follow bullseye DSAs/point-releases (renamed package)) - golang-x-text <removed> NOTE: https://groups.google.com/g/golang-dev/c/qfPIly0X7aU NOTE: https://go.dev/issue/56152 ===================================== data/dla-needed.txt ===================================== @@ -135,6 +135,9 @@ libde265 libreoffice NOTE: 20221012: Programming language: C++. -- +libstb + NOTE: 20221111: Programming language: C. +-- linux (Ben Hutchings) -- man2html View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1a7adcf093a16eb24c9e808d034cf0fcef7418e8...f8ef1b71af7c159c5a39d9672fcbbcc79ed8fc93 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1a7adcf093a16eb24c9e808d034cf0fcef7418e8...f8ef1b71af7c159c5a39d9672fcbbcc79ed8fc93 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits