Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0088ca78 by Chris Lamb at 2023-09-01T11:50:58-07:00 Triage CVE-2023-34457 in python-mechanicalsoup for buster LTS. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -8038,6 +8038,7 @@ CVE-2023-34457 (MechanicalSoup is a Python library for automating interaction wi - python-mechanicalsoup <unfixed> (bug #1041814) [bookworm] - python-mechanicalsoup <no-dsa> (Minor issue) [bullseye] - python-mechanicalsoup <no-dsa> (Minor issue) + [buster] - python-mechanicalsoup <no-dsa> (Minor issue; invasive backport required) NOTE: https://github.com/MechanicalSoup/MechanicalSoup/security/advisories/GHSA-x456-3ccm-m6j4 NOTE: https://github.com/MechanicalSoup/MechanicalSoup/commit/d57c4a269bba3b9a0c5bfa20292955b849006d9e (v1.3.0) CVE-2023-34338 (AMI SPx contains a vulnerability in the BMC where an Attacker may caus ...) ===================================== data/dla-needed.txt ===================================== @@ -138,9 +138,6 @@ python-glance-store NOTE: 20230705: pushed a patched version to: https://salsa.debian.org/lts-team/packages/python-glance-store (jspricke) NOTE: 20230705: upstream patch looks fine to me but should probably be tested and released together with the other affected packages. (jspricke) -- -python-mechanicalsoup (Chris Lamb) - NOTE: 20230819: Added by Front-Desk (ta) --- python-os-brick NOTE: 20230525: Added by Front-Desk (lamby) NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0088ca78bd8e7fe7a1db6bd92fdad4316c7aa89a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0088ca78bd8e7fe7a1db6bd92fdad4316c7aa89a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits