Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9c3b37c9 by Santiago Ruano Rincón at 2024-04-22T09:06:25-03:00 Reserve DLA-3792-1 for samba - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -288613,7 +288613,6 @@ CVE-2020-14383 (A flaw was found in samba's DNS server. An authenticated user co {DLA-2463-1} [experimental] - samba 2:4.13.2+dfsg-1 - samba 2:4.13.2+dfsg-2 (bug #973398) - [buster] - samba <no-dsa> (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2020-14383.html NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14472 CVE-2020-14382 (A vulnerability was found in upstream release cryptsetup-2.2.0 where, ...) @@ -288900,7 +288899,6 @@ CVE-2020-14323 (A null pointer dereference flaw was found in samba's Winbind ser {DLA-2463-1} [experimental] - samba 2:4.13.2+dfsg-1 - samba 2:4.13.2+dfsg-2 (bug #973399) - [buster] - samba <no-dsa> (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2020-14323.html NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14436 CVE-2020-14322 (In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...) @@ -288915,7 +288913,6 @@ CVE-2020-14318 (A flaw was found in the way samba handled file and directory per {DLA-2463-1} [experimental] - samba 2:4.13.2+dfsg-1 - samba 2:4.13.2+dfsg-2 (bug #973400) - [buster] - samba <no-dsa> (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2020-14318.html NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14434 CVE-2020-14317 (It was found that the issue for security flaw CVE-2019-3805 appeared a ...) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[22 Apr 2024] DLA-3792-1 samba - security update + {CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 CVE-2022-2127 CVE-2022-3437 CVE-2022-32742 CVE-2023-4091} + [buster] - samba 2:4.9.5+dfsg-5+deb10u5 [22 Apr 2024] DLA-3791-1 thunderbird - security update {CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864} [buster] - thunderbird 1:115.10.1-1~deb10u1 ===================================== data/dla-needed.txt ===================================== @@ -281,10 +281,6 @@ runc (dleidert) NOTE: 20240314: Several CVEs fixed in LTS remain unfixed (no-dsa) in bullseye. NOTE: 20240314: Uploads to ospu should be coordinated. (roberto) -- -samba (Santiago) - NOTE: 20230918: Added by Front-Desk (apo) - NOTE: 20240406: Update should be ready. Will upload this Monday. (Santiago) --- sendmail (rouca) NOTE: 20231224: Added by Front-Desk (ta) NOTE: 20240213: Patch need to be extracted (rouca). Upstream does not publish patches (CVE-2023-51765) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c3b37c90df72638fb3c2c96e87b26278e57b94a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c3b37c90df72638fb3c2c96e87b26278e57b94a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits