[Git][security-tracker-team/security-tracker][master] Reserve DLA-3562-1 for orthanc

Mon, 11 Sep 2023 21:42:23 -0700 


Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b315e37b by Anton Gladky at 2023-09-12T06:41:50+02:00
Reserve DLA-3562-1 for orthanc

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9853,7 +9853,6 @@ CVE-2023-34486 (itsourcecode Online Hotel Management 
System Project In PHP v1.0.
 CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access 
to the Or ...)
        {DSA-5473-1}
        - orthanc 1.12.1+dfsg-1 (bug #1040597)
-       [buster] - orthanc <no-dsa> (Requires new configuration variable)
        NOTE: 
https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568
        NOTE: Requires the addition of a new RestApiWriteToFileSystemEnabled 
configuration and
        NOTE: a check in ExportInstanceFile (OrthancRestResources.cpp); the 
default value


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[12 Sep 2023] DLA-3562-1 orthanc - security update
+       {CVE-2023-33466}
+       [buster] - orthanc 1.5.6+dfsg-1+deb10u1
 [11 Sep 2023] DLA-3561-1 node-cookiejar - security update
        {CVE-2022-25901}
        [buster] - node-cookiejar 2.0.1-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -156,11 +156,6 @@ openjdk-11 (Emilio)
   NOTE: 20230802: update prepared for new CPU, waiting for DSA and checking
   NOTE: 20230802: whether to change jtreg version (pochu)
 --
-orthanc (gladk)
-  NOTE: 20230812: Added by Front-Desk (Beuc)
-  NOTE: 20230812: Experimental issue-based workflow: please self-assign and 
follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/41
-  NOTE: 20230812: Check DSA-5473-1 (Beuc/front-desk)
---
 poppler
   NOTE: 20230908: Added by Front-Desk (lamby)
   NOTE: 20230908: Added due to CVE-2020-23804. However, please check 
CVE-2020-18839



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b315e37b22361d185fcb3974d805fc81871bd5c8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b315e37b22361d185fcb3974d805fc81871bd5c8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to