Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9e779390 by Salvatore Bonaccorso at 2022-09-11T16:02:17+02:00 Reserve DSA number for gdk-pixbuf update - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -57181,7 +57181,6 @@ CVE-2021-44649 (Django CMS 3.7.3 does not validate the plugin_type parameter whi - python-django-cms <itp> (bug #516183) CVE-2021-44648 (GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulner ...) - gdk-pixbuf 2.42.9+dfsg-1 (bug #1014600) - [bullseye] - gdk-pixbuf <no-dsa> (Minor issue) [buster] - gdk-pixbuf <not-affected> (Vulnerable code introduced later) [stretch] - gdk-pixbuf <not-affected> (Vulnerable code introduced later) NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136 ===================================== data/DSA/list ===================================== @@ -1,3 +1,6 @@ +[11 Sep 2022] DSA-5228-1 gdk-pixbuf - security update + {CVE-2021-44648 CVE-2021-46829} + [bullseye] - gdk-pixbuf 2.42.2+dfsg-1+deb11u1 [07 Sep 2022] DSA-5227-1 libgoogle-gson-java - security update {CVE-2022-25647} [bullseye] - libgoogle-gson-java 2.8.6-1+deb11u1 ===================================== data/dsa-needed.txt ===================================== @@ -20,8 +20,6 @@ connman (carnil) -- freecad (aron) -- -gdk-pixbuf (carnil) --- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v5.10.y versions View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e779390aba58cbb5e9a6afa59903cc1104a16ea -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e779390aba58cbb5e9a6afa59903cc1104a16ea You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits