Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: 12863832 by Emilio Pozuelo Monfort at 2022-09-19T12:41:03+02:00 Reserve DLA-3115-1 for e17 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[19 Sep 2022] DLA-3115-1 e17 - security update + {CVE-2022-37706} + [buster] - e17 0.22.4-2+deb10u1 [16 Sep 2022] DLA-3114-1 mariadb-10.3 - security update {CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27445 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27452 CVE-2022-27456 CVE-2022-27458 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32087 CVE-2022-32088 CVE-2022-32091} [buster] - mariadb-10.3 1:10.3.36-0+deb10u1 ===================================== data/dla-needed.txt ===================================== @@ -32,10 +32,6 @@ dovecot NOTE: 20220913: VCS: https://salsa.debian.org/lts-team/packages/dovecot.git NOTE: 20220913: Harmonize with bullseye: 1 CVE fixed in Debian 11.5 + 2 other postponed CVEs (Beuc/front-desk) -- -e17 (Emilio) - NOTE: 20220917: Programming language: C. - NOTE: 20220917: upcoming DSA, 0-day any->root local escalation exploit (Beuc/front-desk) --- exiv2 (Roberto C. Sánchez) NOTE: 20220819: Programming language: C++. NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128638323771fb9a62cbbbe69b757620c102e71e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128638323771fb9a62cbbbe69b757620c102e71e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits