Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits: 44619aae by Bastien Roucariès at 2023-03-26T20:41:39+00:00 Reserve DLA-3368-1 for libreoffice - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -85380,17 +85380,14 @@ CVE-2022-26308 (Pandora FMS v7.0NG.760 and below allows an improper access contr CVE-2022-26307 (LibreOffice supports the storage of passwords for web connections in t ...) - libreoffice 1:7.3.3~rc1-2 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice <no-dsa> (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307 CVE-2022-26306 (LibreOffice supports the storage of passwords for web connections in t ...) - libreoffice 1:7.3.3~rc1-2 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice <no-dsa> (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 CVE-2022-26305 (An Improper Certificate Validation vulnerability in LibreOffice existe ...) - libreoffice 1:7.3.2~rc2-1 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice <no-dsa> (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305 CVE-2022-26301 (TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability ...) NOT-FOR-US: TuziCMS @@ -157240,7 +157237,6 @@ CVE-2021-25637 CVE-2021-25636 (LibreOffice supports digital signatures of ODF documents and macros wi ...) - libreoffice 1:7.3.0-1 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice <no-dsa> (Minor issue) [stretch] - libreoffice <postponed> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2056955 NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636 ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[26 Mar 2023] DLA-3368-1 libreoffice - security update + {CVE-2021-25636 CVE-2022-3140 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307} + [buster] - libreoffice 1:6.1.5-3+deb10u8 [24 Mar 2023] DLA-3367-1 libdatetime-timezone-perl - new timezone database [buster] - libdatetime-timezone-perl 1:2.23-1+2023b [24 Mar 2023] DLA-3366-1 tzdata - new timezone database ===================================== data/dla-needed.txt ===================================== @@ -129,10 +129,6 @@ intel-microcode (tobi) libmicrohttpd (Thorsten Alteholz) NOTE: 20230313: Programming language: C. -- -libreoffice (rouca) - NOTE: 20221012: Programming language: C++. - NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git --- linux (Ben Hutchings) NOTE: 20230111: Programming language: C -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44619aae5b33013176b4d0de2aafd43c8ba5ffbb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44619aae5b33013176b4d0de2aafd43c8ba5ffbb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits