Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4a16069d by Anton Gladky at 2023-01-25T06:24:14+01:00 Add fix link to the libhtml-stripscripts-perl - - - - - ffc35fcd by Anton Gladky at 2023-01-25T06:28:55+01:00 LTS: add libhtml-stripscripts-perl to dla-needed.txt - - - - - 6c96ab38 by Anton Gladky at 2023-01-25T06:39:18+01:00 LTS: add golang-yaml.v2 to dla-needed.txt - - - - - f5bd72e6 by Anton Gladky at 2023-01-25T06:45:04+01:00 LTS: add sofia-sip to dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -1071,6 +1071,7 @@ CVE-2023-24039 (** UNSUPPORTED WHEN ASSIGNED ** A stack-based buffer overflow in CVE-2023-24038 (The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_ ...) - libhtml-stripscripts-perl 1.06-4 (bug #1029400) NOTE: https://github.com/clintongormley/perl-html-stripscripts/issues/3 + NOTE: https://github.com/clintongormley/perl-html-stripscripts/pull/4 CVE-2023-24037 RESERVED CVE-2023-24036 ===================================== data/dla-needed.txt ===================================== @@ -101,6 +101,11 @@ golang-websocket NOTE: 20220915: 1 CVE fixed in stretch and bullseye (golang-github-gorilla-websocket) (Beuc/front-desk) NOTE: 20220915: Special attention: limited support; requires rebuilding reverse dependencies -- +golang-yaml.v2 + NOTE: 20230125: Programming language: Go. + NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/golang-yaml.v2.git + NOTE: 20230125: Special attention: limited support; requires rebuilding reverse build dependencies (though recent bullseye updates didn't). +-- graphite-web NOTE: 20221229: Programming language: Python. -- @@ -122,6 +127,10 @@ libapache2-mod-auth-mellon NOTE: 20230105: Programming language: C. NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk) -- +libhtml-stripscripts-perl + NOTE: 20230125: Programming language: Perl. + NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/libhtml-stripscripts-perl.git +-- libreoffice NOTE: 20221012: Programming language: C++. NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git @@ -325,6 +334,10 @@ snort (Markus Koschany) NOTE: 20230121: Prepared new upstream version for unstable which we could NOTE: 20230121: backport to buster later. See https://bugs.debian.org/1021276 -- +sofia-sip + NOTE: 20230125: Programming language: C. + NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/sofia-sip.git +-- sox NOTE: 20220818: Programming language: C. NOTE: 20220818: Requires some investigation; see #1012138 etc. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/24a110dd2b485ff3413d8325916c5c7161215086...f5bd72e6efcb5a14077c4f09dd44e29ec62f4602 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/24a110dd2b485ff3413d8325916c5c7161215086...f5bd72e6efcb5a14077c4f09dd44e29ec62f4602 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits