[Git][security-tracker-team/security-tracker][master] tinyproxy, pillow DSAs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1a93b82a by Moritz Mühlenhoff at 2024-06-05T20:51:08+02:00
tinyproxy, pillow DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -55357,8 +55357,6 @@ CVE-2023-46176 (IBM MQ Appliance 9.3 CD could allow a 
local attacker to gain ele
 CVE-2023-44271 (An issue was discovered in Pillow before 10.0.0. It is a 
Denial of Ser ...)
        {DLA-3768-1}
        - pillow 10.0.0-1
-       [bookworm] - pillow <no-dsa> (Minor issue)
-       [bullseye] - pillow <no-dsa> (Minor issue)
        NOTE: https://github.com/python-pillow/Pillow/pull/7244
        NOTE: 
https://github.com/python-pillow/Pillow/commit/1fe1bb49c452b0318cad12ea9d97c3bef188e9a7
 (10.0.0)
 CVE-2023-43982 (Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 was 
discovere ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[05 Jun 2024] DSA-5705-1 tinyproxy - security update
+       {CVE-2023-49606}
+       [bookworm] - tinyproxy 1.11.1-2.1+deb12u1
+[05 Jun 2024] DSA-5704-1 pillow - security update
+       {CVE-2023-44271 CVE-2023-50447 CVE-2024-28219}
+       [bullseye] - pillow 8.1.2+dfsg-0.3+deb11u2
+       [bookworm] - pillow 9.4.0-1.1+deb12u1
 [02 Jun 2024] DSA-5703-1 linux - security update
        {CVE-2022-48655 CVE-2023-52585 CVE-2023-52882 CVE-2024-26900 
CVE-2024-27398 CVE-2024-27399 CVE-2024-27401 CVE-2024-35848 CVE-2024-35947 
CVE-2024-36017 CVE-2024-36031 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 
CVE-2024-36902 CVE-2024-36904 CVE-2024-36905 CVE-2024-36916 CVE-2024-36919 
CVE-2024-36929 CVE-2024-36933 CVE-2024-36934 CVE-2024-36939 CVE-2024-36940 
CVE-2024-36941 CVE-2024-36946 CVE-2024-36950 CVE-2024-36953 CVE-2024-36954 
CVE-2024-36957 CVE-2024-36959}
        [bullseye] - linux 5.10.218-1


=====================================
data/dsa-needed.txt
=====================================
@@ -51,8 +51,6 @@ php-horde-mime-viewer/oldstable
 --
 php-horde-turba/oldstable
 --
-pillow (jmm)
---
 pymatgen/stable
 --
 python-aiohttp
@@ -78,7 +76,5 @@ ruby-tzinfo/oldstable
 --
 squid
 --
-tinyproxy (jmm)
---
 zabbix
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a93b82a467215b1363138818b68f3cd9535e553

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a93b82a467215b1363138818b68f3cd9535e553
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits