[Git][security-tracker-team/security-tracker][master] Reserve DLA-3722-1 for mariadb-10.3

@rouca Fri, 26 Jan 2024 23:29:48 -0800


Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a3ee8b68 by Bastien Roucariès at 2024-01-27T07:29:14+00:00
Reserve DLA-3722-1 for mariadb-10.3

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -217932,8 +217932,8 @@ CVE-2020-35878 (An issue was discovered in the ozone 
crate through 2020-07-04 fo
 CVE-2020-35877 (An issue was discovered in the ozone crate through 2020-07-04 
for Rust ...)
        NOT-FOR-US: ozone rust crate
 CVE-2020-35876 (An issue was discovered in the rio crate through 2020-05-11 
for Rust.  ...)
-        - rust-rio <unfixed> (bug #1061577)
-        NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0021.html
+       - rust-rio <unfixed> (bug #1061577)
+       NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0021.html
 CVE-2020-35875 (An issue was discovered in the tokio-rustls crate before 
0.13.1 for Ru ...)
        NOT-FOR-US: Rust crate tokio-rustls
        NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0019.html


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Jan 2024] DLA-3722-1 mariadb-10.3 - security update
+       {CVE-2023-22084}
+       [buster] - mariadb-10.3 1:10.3.39-0+deb10u2
 [25 Jan 2024] DLA-3721-1 xorg-server - security update
        {CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 
CVE-2024-21886}
        [buster] - xorg-server 2:1.20.4-1+deb10u13


=====================================
data/dla-needed.txt
=====================================
@@ -154,10 +154,6 @@ linux (Ben Hutchings)
 linux-5.10
   NOTE: 20231005: perma-added for LTS package-specific delegation (bwh)
 --
-mariadb-10.3 (rouca)
-  NOTE: 20231129: Added by Front-Desk (Beuc)
-  NOTE: 20240114: Contacted upstream about this particular CVE and that commit 
fix it (rouca)
---
 nova
   NOTE: 20230302: Re-add, request by maintainer (Beuc)
   NOTE: 20230302: zigo says that DLA 3302-1 ships a buster-specific 
CVE-2022-47951 backport that introduces regression



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3ee8b68684a0594bb47ea4a03d5c650b358e50b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3ee8b68684a0594bb47ea4a03d5c650b358e50b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3722-1 for mariadb-10.3

Reply via email to