Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: e1df97c1 by Anton Gladky at 2023-03-21T06:35:41+01:00 Mark 3 gpac CVEs as EOL for buster - - - - - e8a8f822 by Anton Gladky at 2023-03-21T06:36:40+01:00 LTS: add curl to dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -502,6 +502,7 @@ CVE-2023-1453 (A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It ha NOT-FOR-US: Watchdog Anti-Virus CVE-2023-1452 (A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It ...) - gpac <unfixed> + [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2386 NOTE: https://github.com/gpac/gpac/commit/a5efec8187de02d1f0a412140b0bf030a6747d3f CVE-2023-1451 (A vulnerability was found in MP4v2 2.1.2. It has been classified as pr ...) @@ -510,10 +511,12 @@ CVE-2023-1450 (A vulnerability was found in MP4v2 2.1.2 and classified as proble NOT-FOR-US: MP4v2 CVE-2023-1449 (A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master ...) - gpac <unfixed> + [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2387 NOTE: https://github.com/gpac/gpac/commit/8ebbfd61c73d61a2913721a492e5a81fb8d9f9a9 CVE-2023-1448 (A vulnerability, which was classified as problematic, was found in GPA ...) - gpac <unfixed> + [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2388 NOTE: https://github.com/gpac/gpac/commit/8db20cb634a546c536c31caac94e1f74b778b463 CVE-2023-1447 (A vulnerability, which was classified as problematic, has been found i ...) ===================================== data/dla-needed.txt ===================================== @@ -38,6 +38,12 @@ consul (Abhijith PA) NOTE: 20221031: Concluded that the package should be fixed by the CVE description. Source code not analyzed in detail. NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/consul.git -- +curl + NOTE: 20230321: Programming language: C. + NOTE: 20230321: VCS: https://salsa.debian.org/lts-team/packages/curl.git + NOTE: 20230321: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/curl.html + NOTE: 20230321: Special attention: High popcon! Roberto has some experience with the package.. +-- docker.io (gladk) NOTE: 20230303: Programming language: Go. NOTE: 20230303: Follow fixes from bullseye 11.2 (Beuc/front-desk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5a4f2c3e631fe6577ae35f57f400d907c83f9ee...e8a8f822978be6c1491f202a03e7122b827bb87e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5a4f2c3e631fe6577ae35f57f400d907c83f9ee...e8a8f822978be6c1491f202a03e7122b827bb87e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits