[Git][security-tracker-team/security-tracker][master] Reserve DSA number for gdk-pixbuf update

Sun, 11 Sep 2022 07:03:00 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e779390 by Salvatore Bonaccorso at 2022-09-11T16:02:17+02:00
Reserve DSA number for gdk-pixbuf update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -57181,7 +57181,6 @@ CVE-2021-44649 (Django CMS 3.7.3 does not validate the 
plugin_type parameter whi
        - python-django-cms <itp> (bug #516183)
 CVE-2021-44648 (GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer 
overflow vulner ...)
        - gdk-pixbuf 2.42.9+dfsg-1 (bug #1014600)
-       [bullseye] - gdk-pixbuf <no-dsa> (Minor issue)
        [buster] - gdk-pixbuf <not-affected> (Vulnerable code introduced later)
        [stretch] - gdk-pixbuf <not-affected> (Vulnerable code introduced later)
        NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[11 Sep 2022] DSA-5228-1 gdk-pixbuf - security update
+       {CVE-2021-44648 CVE-2021-46829}
+       [bullseye] - gdk-pixbuf 2.42.2+dfsg-1+deb11u1
 [07 Sep 2022] DSA-5227-1 libgoogle-gson-java - security update
        {CVE-2022-25647}
        [bullseye] - libgoogle-gson-java 2.8.6-1+deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -20,8 +20,6 @@ connman (carnil)
 --
 freecad (aron)
 --
-gdk-pixbuf (carnil)
---
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v5.10.y versions



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e779390aba58cbb5e9a6afa59903cc1104a16ea

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e779390aba58cbb5e9a6afa59903cc1104a16ea
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to