Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 35e96a7a by Ola Lundqvist at 2022-07-12T00:10:36+02:00 Added curl to dla-needed since it is in DSA needed and at least one vulnerability applies to buster as well. - - - - - 587dc5e1 by Ola Lundqvist at 2022-07-12T00:18:32+02:00 Concluded that CVE-2022-24793 is not vulnerable in buster since the vulnerable code does not exist. The file is not even present. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -30153,6 +30153,7 @@ CVE-2022-24794 (Express OpenID Connect is an Express JS middleware implementing CVE-2022-24793 (PJSIP is a free and open source multimedia communication library writt ...) {DLA-3036-1} - asterisk <unfixed> + [buster] - asterisk <not-affected> (Vulnerable code not present) [stretch] - asterisk <not-affected> (Vulnerable code not present) - pjproject <removed> - ring <unfixed> ===================================== data/dla-needed.txt ===================================== @@ -12,6 +12,9 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues To make it easier to see the entire history of an update, please append notes rather than remove/replace existing ones. +-- +curl + NOTE: 20220712: Have not checked whether all CVEs are appliable or not (ola) -- linux (Ben Hutchings) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d9f630a6c2f2a80db5b748c40aea24d931cac3...587dc5e1d376b0b6c98ed4c616d69b4becef69ba -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22d9f630a6c2f2a80db5b748c40aea24d931cac3...587dc5e1d376b0b6c98ed4c616d69b4becef69ba You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits