Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 891d9dab by Moritz Muehlenhoff at 2023-02-06T16:53:15+01:00 bullseye triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -526,10 +526,11 @@ CVE-2023-25002 CVE-2023-25001 RESERVED CVE-2023-0634 (An uncontrolled process operation was found in the newgrp command prov ...) - - shadow <unfixed> + - shadow <unfixed> (unimportant) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2166544 NOTE: https://github.com/shadow-maint/shadow/pull/642 NOTE: https://github.com/shadow-maint/shadow/commit/62172f6fb51519a8cf56e35e4ce2b76cc301a7fc + NOTE: Crash in CLI tool, no security impact CVE-2023-0633 RESERVED CVE-2023-0632 @@ -27436,6 +27437,7 @@ CVE-2022-3561 (Cross-site Scripting (XSS) - Generic in GitHub repository librenm NOT-FOR-US: LibreNMS CVE-2022-3560 (A flaw was found in pesign. The pesign package provides a systemd serv ...) - pesign <unfixed> (bug #1030168) + [bullseye] - pesign <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2023/01/31/6 NOTE: https://www.openwall.com/lists/oss-security/2023/02/01/2 NOTE: https://github.com/rhboot/pesign/commit/d8a8c259994d0278c59b30b41758a8dd0abff998 (116) @@ -78149,10 +78151,12 @@ CVE-2022-24896 (Tuleap is a Free & Open Source Suite to manage software deve NOT-FOR-US: Tuleap CVE-2022-24895 (Symfony is a PHP framework for web and console applications and a set ...) - symfony 5.4.20+dfsg-1 + [bullseye] - symfony <no-dsa> (Minor issue) NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-3gv2-29qc-v67m NOTE: https://github.com/symfony/symfony/commit/5909d74ecee359ea4982fcf4331aaf2e489a1fd4 CVE-2022-24894 (Symfony is a PHP framework for web and console applications and a set ...) - symfony 5.4.20+dfsg-1 + [bullseye] - symfony <no-dsa> (Minor issue) NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-h7vf-5wrv-9fhv NOTE: https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb CVE-2022-24893 (ESP-IDF is the official development framework for Espressif SoCs. In E ...) ===================================== data/dsa-needed.txt ===================================== @@ -11,9 +11,15 @@ To pick an issue, simply add your uid behind it. If needed, specify the release by adding a slash after the name of the source package. +-- +apr-util +-- +apr -- frr -- +haproxy +-- jupyter-core Maintainer asked for availability to prepare updates -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/891d9dab823803c5fa72786a7d4f30558b57b1de -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/891d9dab823803c5fa72786a7d4f30558b57b1de You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits