Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d53fb1e1 by Sylvain Beucler at 2024-05-11T21:42:25+02:00
dla: drop netty
Only CVE-2024-29025 needs to be fixed, and this is a minor issue that
doesn't warrant a DSA/DLA/ELA on its own.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -16239,6 +16239,7 @@ CVE-2024-29025 (Netty is an asynchronous event-driven
network application framew
- netty <unfixed> (bug #1068110)
[bookworm] - netty <postponed> (Minor issue, fix along with future
update)
[bullseye] - netty <postponed> (Minor issue, fix along with future
update)
+ [buster] - netty <postponed> (Minor issue, HTTP multipart DoS, fix
along with future update)
NOTE:
https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v
NOTE:
https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c
(netty-4.1.108.Final)
NOTE: https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3
=====================================
data/dla-needed.txt
=====================================
@@ -171,9 +171,6 @@ linux (Ben Hutchings)
linux-5.10
NOTE: 20231005: perma-added for LTS package-specific delegation (bwh)
--
-netty
- NOTE: 20240419: Added by Front-Desk (apo)
---
nodejs (guilhem)
NOTE: 20240406: Added by Front-Desk (lamby)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d53fb1e151cb2b672bd810d25205e1650bf6b436
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d53fb1e151cb2b672bd810d25205e1650bf6b436
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
