Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: b315e37b by Anton Gladky at 2023-09-12T06:41:50+02:00 Reserve DLA-3562-1 for orthanc - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -9853,7 +9853,6 @@ CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP v1.0. CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access to the Or ...) {DSA-5473-1} - orthanc 1.12.1+dfsg-1 (bug #1040597) - [buster] - orthanc <no-dsa> (Requires new configuration variable) NOTE: https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568 NOTE: Requires the addition of a new RestApiWriteToFileSystemEnabled configuration and NOTE: a check in ExportInstanceFile (OrthancRestResources.cpp); the default value ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[12 Sep 2023] DLA-3562-1 orthanc - security update + {CVE-2023-33466} + [buster] - orthanc 1.5.6+dfsg-1+deb10u1 [11 Sep 2023] DLA-3561-1 node-cookiejar - security update {CVE-2022-25901} [buster] - node-cookiejar 2.0.1-1+deb10u1 ===================================== data/dla-needed.txt ===================================== @@ -156,11 +156,6 @@ openjdk-11 (Emilio) NOTE: 20230802: update prepared for new CPU, waiting for DSA and checking NOTE: 20230802: whether to change jtreg version (pochu) -- -orthanc (gladk) - NOTE: 20230812: Added by Front-Desk (Beuc) - NOTE: 20230812: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/41 - NOTE: 20230812: Check DSA-5473-1 (Beuc/front-desk) --- poppler NOTE: 20230908: Added by Front-Desk (lamby) NOTE: 20230908: Added due to CVE-2020-23804. However, please check CVE-2020-18839 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b315e37b22361d185fcb3974d805fc81871bd5c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b315e37b22361d185fcb3974d805fc81871bd5c8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits