Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 851a329f by Markus Koschany at 2021-11-16T23:20:07+01:00 Claim firmware-nonfree in dla-needed.txt - - - - - 83a5b72a by Markus Koschany at 2021-11-16T23:23:10+01:00 Reserve DLA-2819-1 for ntfs-3g - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -8031,7 +8031,7 @@ CVE-2021-41655 CVE-2021-41654 RESERVED CVE-2021-41653 (The PING function on the TP-Link TL-WR840N EU v5 router with firmware ...) - NOT-FOR-US: TP-Link + NOT-FOR-US: TP-Link CVE-2021-41652 RESERVED CVE-2021-41651 (A blind SQL injection vulnerability exists in the Raymart DG / Ahmed H ...) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[16 Nov 2021] DLA-2819-1 ntfs-3g - security update + {CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263} + [stretch] - ntfs-3g 1:2016.2.22AR.1+dfsg-1+deb9u2 [13 Nov 2021] DLA-2818-1 ffmpeg - security update {CVE-2020-20445 CVE-2020-20446 CVE-2020-20451 CVE-2020-20453 CVE-2020-22037 CVE-2020-22041 CVE-2020-22044 CVE-2020-22046 CVE-2020-22048 CVE-2020-22049 CVE-2020-22054 CVE-2021-38171 CVE-2021-38291} [stretch] - ffmpeg 7:3.2.16-1+deb9u1 ===================================== data/dla-needed.txt ===================================== @@ -33,7 +33,7 @@ exiv2 (Thorsten Alteholz) firefox-esr (Emilio) NOTE: 20211116: blocked on toolchain backports (pochu) -- -firmware-nonfree +firmware-nonfree (Markus Koschany) NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag -- @@ -70,9 +70,6 @@ linux-4.19 (Ben Hutchings) -- mbedtls (Emilio) -- -ntfs-3g (Markus Koschany) - NOTE: 20211101: too many CVEs (gladk) --- nvidia-graphics-drivers NOTE: package is in non-free but also in packages-to-support NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3feeb3765955377f8b806786c42ce9fb1b49a89a...83a5b72a4d39814983d32011ce1bc24000d30def -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3feeb3765955377f8b806786c42ce9fb1b49a89a...83a5b72a4d39814983d32011ce1bc24000d30def You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits