Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0edbaf9b by Sylvain Beucler at 2023-09-12T18:16:48+02:00
CVE-2022-23518/ruby-rails-html-sanitizer: reference patch
- - - - -
aecdcf27 by Sylvain Beucler at 2023-09-12T18:16:50+02:00
CVE-2022-23519
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a2cffb1 by Sylvain Beucler at 2023-09-12T13:18:22+02:00
dla: claim ruby-rails-html-sanitizer and ruby-loofah
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
update?
I considered it but I was mostly out of time, I can do some testing next
week. IIUC there was also progress on the older releases since.
Cheers!
Sylvain Beucler
Debian LTS Team
ttps://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/36#note_423686
- LTS Documentation
- information-for-lts-contributors (internal): clarifications
- Tooling
- queue report ('find-work'): link tracker package status page
- Help newcomers on IRC
- Jitsi team meeting
--
Sylvain Beu
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
43c5fcf9 by Sylvain Beucler at 2023-08-28T22:09:53+02:00
CVE-2018-1000656,CVE-2019-1010084/flask: clarify situation a little more
- - - - -
1 changed file:
- data/CVE/list
Changes
the maintainer (e.g. with
comprehensive testing).
In conclusion, I believe there's a higher chance of fixing the bug right
now in bullseye/oldstable, rather later in bullseye/LTS.
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
08407242 by Sylvain Beucler at 2023-08-25T12:13:50+02:00
dla: reference samba status update e-mail
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5a557634 by Sylvain Beucler at 2023-08-25T12:11:57+02:00
dla: drop gawk, aligning with other dists
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3541-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
August 24, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24816548 by Sylvain Beucler at 2023-08-24T13:42:17+02:00
Reserve DLA-3541-1 for w3m
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5fb8ec48 by Sylvain Beucler at 2023-08-19T20:16:13+02:00
dla: update w3m status
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e93a97df by Sylvain Beucler at 2023-08-14T12:04:24+02:00
dla: claim w3m
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
91f1ddec by Sylvain Beucler at 2023-08-12T18:21:15+02:00
dla: mention contributors should self-assign the (experimental) issues when
claiming
- - - - -
1 changed file:
- data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e22ebcd0 by Sylvain Beucler at 2023-08-12T18:10:23+02:00
dla: add lxc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f3079bb2 by Sylvain Beucler at 2023-08-12T17:54:16+02:00
CVE-2022-38223/w3m: reference follow-up fix
- - - - -
0e990e9d by Sylvain Beucler at 2023-08-12T17:56:56+02:00
dla: add w3m
- - - - -
2
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35345853 by Sylvain Beucler at 2023-08-12T17:30:45+02:00
dla: add orthanc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0da9cbdf by Sylvain Beucler at 2023-08-12T12:30:36+02:00
dla: add gst-plugins-ugly1.0
- - - - -
cfc31fe0 by Sylvain Beucler at 2023-08-12T12:31:06+02:00
CVE-2023-37788/golang-github-elazarl-goproxy
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e901d995 by Sylvain Beucler at 2023-08-12T12:19:24+02:00
CVE-2023-3180/qemu: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c2242e3 by Sylvain Beucler at 2023-08-12T11:39:18+02:00
dla: add netatalk
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c98ee868 by Sylvain Beucler at 2023-08-11T21:42:21+02:00
dla: update flask-security
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
90af22f7 by Sylvain Beucler at 2023-08-11T21:32:28+02:00
dla: add issue for flask-security
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9fb26ccc by Sylvain Beucler at 2023-08-11T21:30:38+02:00
dla: add flask
- - - - -
bfa627d4 by Sylvain Beucler at 2023-08-11T21:30:38+02:00
dla: add flask-security
- - - - -
1 changed file
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
efe69dd1 by Sylvain Beucler at 2023-08-11T20:29:41+02:00
dla: add opendmarc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bed564e5 by Sylvain Beucler at 2023-08-11T13:41:31+02:00
dla: new CVE issued for python-git
- - - - -
1 changed file:
- data/DLA/list
Changes:
=
data/DLA
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0c4b5b80 by Sylvain Beucler at 2023-08-11T13:28:46+02:00
dla: update ruby-loofah and ruby-rails-html-sanitizer status
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7bfeb8ad by Sylvain Beucler at 2023-08-11T13:13:54+02:00
CVE-2023-3823/php*: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
faf9fec3 by Sylvain Beucler at 2023-08-11T13:09:46+02:00
CVE-2023-3824/php*: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b674a2ed by Sylvain Beucler at 2023-08-11T12:01:10+02:00
dla: add issue for otrs2
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
50ac9d28 by Sylvain Beucler at 2023-08-11T12:00:03+02:00
dla: add otrs2
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0c615cf9 by Sylvain Beucler at 2023-08-11T11:50:50+02:00
CVE-2023-4016/procps: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6defd9b6 by Sylvain Beucler at 2023-08-10T16:08:04+02:00
CVE-2023-36054/krb5: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c316d5a2 by Sylvain Beucler at 2023-08-10T16:02:32+02:00
dla: add mediawiki
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc18d78d by Sylvain Beucler at 2023-08-10T14:10:45+02:00
CVE-2023-38497/cargo,rust-cargo: buster postponed
- - - - -
52ebd861 by Sylvain Beucler at 2023-08-10T14:10:47+02:00
openbabel: buster
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
86284d7b by Sylvain Beucler at 2023-08-09T20:31:12+02:00
CVE-2023-37276/python-aiohttp: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af6ef93a by Sylvain Beucler at 2023-08-09T18:30:48+02:00
dla: add datatables.js
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
256ed1ea by Sylvain Beucler at 2023-08-09T16:58:46+02:00
dla: add i2p (with experimental issue-based LTS workflow)
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09b41c3c by Sylvain Beucler at 2023-08-09T11:18:40+02:00
data/embedded-code-copies: drop ruby versions =wheezy
- - - - -
c9d9f0a6 by Sylvain Beucler at 2023-08-09T11:18:40+02:00
data/embedded-code
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41979053 by Sylvain Beucler at 2023-08-09T10:47:30+02:00
dla: add intel-microcode
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c1c67975 by Sylvain Beucler at 2023-08-08T21:31:23+02:00
dla: add rar and unrar-nonfree
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fda70de4 by Sylvain Beucler at 2023-08-08T19:13:07+02:00
CVE-2023-3896/vim: patches, affected versions, buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e40a706 by Sylvain Beucler at 2023-08-08T18:27:30+02:00
dla: add ruby-rmagick
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ed6002e by Sylvain Beucler at 2023-08-07T20:03:12+02:00
CVE-2023-3978/golang-golang-x-net-dev: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e475358b by Sylvain Beucler at 2023-08-07T20:00:56+02:00
CVE-2023-36617/ruby2.5,jruby: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
caf87e32 by Sylvain Beucler at 2023-08-07T19:55:19+02:00
CVE-2023-25515,CVE-2023-25516/nvidia-graphics-drivers-legacy-340xx: buster
ignored
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02083da9 by Sylvain Beucler at 2023-08-07T17:44:51+02:00
Revert CVE-2023-38559/ghostscript: buster postponed
This reverts commit 9a235de5c98c4c4e7fafc119d35ea2366a3051a5.
Fixed by DLA 3519-1
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9a235de5 by Sylvain Beucler at 2023-08-07T16:43:26+02:00
CVE-2023-38559/ghostscript: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7bee307 by Sylvain Beucler at 2023-08-07T16:38:27+02:00
Fix typo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55d434cb by Sylvain Beucler at 2023-08-07T16:31:37+02:00
CVE-2023-3180/qemu: reference sanctioned patch
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
087685b9 by Sylvain Beucler at 2023-08-07T16:04:33+02:00
CVE-2023-4156/gawk: drop confusing link to non-OOB-read-related fixes
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
66e76a1c by Sylvain Beucler at 2023-08-07T15:55:52+02:00
CVE-2023-4156/gawk: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0814efd6 by Sylvain Beucler at 2023-08-07T11:46:48+02:00
dla: thunderbird already uploaded
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Hello Carsten,
Thanks for updating Thunderbird for buster :)
Do you want the LTS Team to take care of the DLA registration and
announcement, or do you plan to do that yourself?
(I assume this matches https://www.debian.org/security/2023/dsa-5469)
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
259dd1c5 by Sylvain Beucler at 2023-08-03T19:59:30+02:00
CVE-2023-25435/tiff: reference prior CVE fixed with same patch
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5f583338 by Sylvain Beucler at 2023-08-03T13:30:14+02:00
CVE-2022-4907/ffmpeg: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9720f53 by Sylvain Beucler at 2023-08-03T12:10:41+02:00
CVE-2023-28864/chef: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cad08bb8 by Sylvain Beucler at 2023-08-02T21:02:36+02:00
dla: tidy golang triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cdf4bfb5 by Sylvain Beucler at 2023-08-02T20:48:16+02:00
CVE-2023-28755/ruby*: reference follow-up CVE
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ccc03ddd by Sylvain Beucler at 2023-08-02T20:38:40+02:00
Typo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8449c0d5 by Sylvain Beucler at 2023-08-02T20:11:31+02:00
CVE-2023-3301/qemu: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
kage
updates
- Help newcomers on IRC
--
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
865da069 by Sylvain Beucler at 2023-08-01T19:53:11+02:00
CVE-2023-32732/grpc: slight clarification
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d7614158 by Sylvain Beucler at 2023-07-31T19:46:32+02:00
CVE-2023-0330/qemu: fix is available, update buster triage
- - - - -
18cf48d9 by Sylvain Beucler at 2023-07-31T19:46:34+02:00
CVE-2021-3750
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ee54b17 by Sylvain Beucler at 2023-07-31T17:07:55+02:00
CVE-2023-32731/grpc: precise links + buster not-affected
- - - - -
f320dc28 by Sylvain Beucler at 2023-07-31T17:21:02+02:00
CVE-2023-32732
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c53f6d4c by Sylvain Beucler at 2023-07-25T22:36:55+02:00
CVE-2023-1428/grpc: introductory commit + buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3502-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
July 25, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6d370503 by Sylvain Beucler at 2023-07-25T12:08:36+02:00
Reserve DLA-3502-1 for python-git
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2d3ce0c2 by Sylvain Beucler at 2023-07-22T20:36:58+02:00
dla: claim grpc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9ac9edf5 by Sylvain Beucler at 2023-07-22T18:32:22+02:00
dla: precise note authors
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac86be3e by Sylvain Beucler at 2023-07-15T18:26:41+02:00
CVE-2022-24439/python-git: reference follow-up fix
- - - - -
1 changed file:
- data/CVE/list
Changes
Hi,
On 08/07/2023 10:04, Sean Whitton wrote:
On Sat 08 Jul 2023 at 09:14am +02, Salvatore Bonaccorso wrote:
Just noticed the suffix for the version for the buster-security / LTS
upload was +deb9u1, was this intentional? This should have been
+deb10u1.
It wasn't. Thank you for pointing out
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7381a74 by Sylvain Beucler at 2023-07-08T12:02:37+02:00
CVE-2022-24439/python-git: clarify theres 2 fixes to apply
- - - - -
1 changed file:
- data/CVE/list
Changes
/lts-team/packages/runc/-/blob/debian/buster/debian/patches/CVE-2022-29162.patch
Cheers!
Sylvain Beucler
Debian LTS Team
On 06/07/2023 20:42, Sean Whitton wrote:
Hello,
I've prepared an upload to buster-security [1] to fix CVE-2023-37378.
I've tested it using an example script from [2
/k03pFSZfkf2ZZhUiHp4A4LEQ1wzCLsgHVAMnRHnKGA
I735ldF6s7h0gKZEDn0Syja/X/GP3mYEFuQa6DO/+ycKSWvrdNCZZY+VCeR0308n
O5EEcFs+SnW6xJLSGi+6PkXTg2lQilE7QNCmqYb16b48Qcn6EzY=
=pb5I
-END PGP SIGNATURE-
Sylvain Beucler (via nm.debian.org)
For details and to comment, visit https://nm.debian.org/process/1193/
--
https
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d703c5f1 by Sylvain Beucler at 2023-07-03T13:26:14+02:00
dla: typo
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c261f2a by Sylvain Beucler at 2023-07-01T16:54:20+02:00
lts-do-call-me: move info from packages.yml LTS package database
- - - - -
1 changed file:
- data/packages/lts-do-call-me
Changes
non-security LTS upload from non-team contributor
https://bugs.debian.org/1039489
- Continue internal discussions on packages claimfiles format/workflow
- Jitsi team meeting
--
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a602009 by Sylvain Beucler at 2023-06-27T21:08:43+02:00
lts-do-call-me: use regex rather than non-path-globbing, to ease tooling
implementation
- - - - -
1 changed file:
- data/packages/lts-do
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9ceee209 by Sylvain Beucler at 2023-06-24T18:52:42+02:00
CVE-2018-10237/guava-libraries: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3064ab90 by Sylvain Beucler at 2023-06-24T18:49:53+02:00
CVE-2023-/osslsigncode: reference mitre request
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4fe99872 by Sylvain Beucler at 2023-06-24T18:35:15+02:00
CVE-2023-34462/netty: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
953781e2 by Sylvain Beucler at 2023-06-23T14:12:15+02:00
RUSTSEC-2023-0045/rust-memoffset: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3bd43388 by Sylvain Beucler at 2023-06-23T13:35:12+02:00
CVE-2023-3316/tiff: precise buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bcdd8c5 by Sylvain Beucler at 2023-06-23T13:23:50+02:00
CVE-2023-3316/tiff: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d42dca43 by Sylvain Beucler at 2023-06-23T13:20:53+02:00
CVE-2023-34867,CVE-2023-34868: buster ignored
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bff7f5d0 by Sylvain Beucler at 2023-06-23T13:16:14+02:00
CVE-2023-34241/cups: reference introductory commit
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e72cf6d by Sylvain Beucler at 2023-06-23T12:54:17+02:00
CVE-2023-34241/cups: buster postponed + fix typo
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9f154c9 by Sylvain Beucler at 2023-06-23T12:28:32+02:00
dla: add bind9
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Hello Otto,
On 22/06/2023 19:41, Otto Kekäläinen wrote:
I filed on May 26th this but never got any reply from stable managers:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=103679
It is affected by only one minor CVE-2022-47015. The same CVE was
already fixed in DLA-3444-1 with MariaDB
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ee9d7ab by Sylvain Beucler at 2023-06-22T16:50:21+02:00
dla: add imagemagick and assign to rouca
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f067070b by Sylvain Beucler at 2023-06-21T20:02:40+02:00
dla: add lua5.3
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
96bdf598 by Sylvain Beucler at 2023-06-21T19:47:41+02:00
CVE-2019-6706/lua5.3: reference patch
- - - - -
76a736e5 by Sylvain Beucler at 2023-06-21T19:48:40+02:00
CVE-2019-6706/lua5.3: refresh
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b6daac72 by Sylvain Beucler at 2023-06-21T18:16:30+02:00
CVE-2023-34623/jtidy: buster postponed
- - - - -
ae5b29e9 by Sylvain Beucler at 2023-06-21T18:17:31+02:00
dla: libx11: reference DSA
in msi_dirent_new()
Fix more fuzzer errors
etc.
so most probably there isn't a single clean patch to apply :/
We might want to just bump to buster and bullseye to 2.3, there's only
one rdep AFAICS.
Cheers!
Sylvain Beucler
Debian LTS Team
(this week's Front-Desk person)
in msi_dirent_new()
Fix more fuzzer errors
etc.
so most probably there isn't a single clean patch to apply :/
We might want to just bump to buster and bullseye to 2.3, there's only
one rdep AFAICS.
Cheers!
Sylvain Beucler
Debian LTS Team
(this week's Front-Desk person)
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad00ad2e by Sylvain Beucler at 2023-06-20T20:19:05+02:00
dla: add lemonldap-ng
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77adf71c by Sylvain Beucler at 2023-06-20T20:13:28+02:00
dla: add libapache2-mod-auth-openidc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
74aa04c8 by Sylvain Beucler at 2023-06-20T19:37:10+02:00
dla: add symfony
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
37cade30 by Sylvain Beucler at 2023-06-20T19:20:03+02:00
CVE-2022-38223/w3m: reference bug about incomplete fix
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d57f4203 by Sylvain Beucler at 2023-06-20T19:07:08+02:00
dla: add avahi
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb3660c3 by Sylvain Beucler at 2023-06-20T18:50:24+02:00
dla: fix-up triaging notes
- - - - -
cac693ed by Sylvain Beucler at 2023-06-20T18:50:35+02:00
dla: add systemd
- - - - -
1 changed file
201 - 300 of 8893 matches
Mail list logo