[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add cairosvg to dla-needed.txt

Wed, 22 Mar 2023 22:44:32 -0700 


Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d9a4b6ef by Anton Gladky at 2023-03-23T06:35:18+01:00
LTS: add cairosvg to dla-needed.txt

- - - - -
4eb3147e by Anton Gladky at 2023-03-23T06:39:48+01:00
Mark CVE-2023-1289 as postponed for buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2536,6 +2536,7 @@ CVE-2023-1289
        RESERVED
        - imagemagick <unfixed> (bug #1033254)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
+       [buster] - imagemagick <postponed> (Should be fixed together with some 
other CVEs)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4
 CVE-2023-1288 (An XML External Entity injection (XXE) vulnerability in ENOVIA 
Live Co ...)


=====================================
data/dla-needed.txt
=====================================
@@ -23,6 +23,9 @@ apache2
   NOTE: 20230312: VCS: https://salsa.debian.org/lts-team/packages/apache2.git
   NOTE: 20230312: Special attention: Double check an update! Package is used 
by many customers and users!.
 --
+cairosvg
+  NOTE: 20230323: Programming language: Python.
+--
 ceph
   NOTE: 20221031: Programming language: C++.
   NOTE: 20221031: To be checked further. Not clear whether the vulnerability 
can be exploited in a Debian system.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed43841f38719e4bc2339a4b3daf89f5bf9b47a7...4eb3147efe322b3bd57a98dc2736db546cda8fe7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed43841f38719e4bc2339a4b3daf89f5bf9b47a7...4eb3147efe322b3bd57a98dc2736db546cda8fe7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to