Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 603d1993 by Sylvain Beucler at 2024-08-14T14:12:45+02:00 dla: more sponsored packages to sync with bookworm pu - - - - - 810df5ea by Sylvain Beucler at 2024-08-14T14:24:46+02:00 dla: sync dsa-needed.txt - - - - - 1 changed file: - data/dla-needed.prospective Changes: ===================================== data/dla-needed.prospective ===================================== @@ -37,6 +37,10 @@ amanda NOTE: 20240815: Added by Front-Desk (Beuc) NOTE: 20240815: Follow fixes from buster DLA-3681-1 (3 CVEs) and bookworm 12.4 (CVE-2023-30577) (Beuc/front-desk) -- +asterisk + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: CVE-2024-42365 is privilege escalation. (Beuc/front-desk) +-- bind9 NOTE: 20240729: Added by oldstable Security Team (carnil) NOTE: 20240729: Followup improvement for bullseye, though candidate as well for pu (carnil) @@ -87,7 +91,7 @@ exim4 -- ffmpeg NOTE: 20240815: Added by Front-Desk (Beuc) - NOTE: 20240815: Upgrade to 4.3.8 (Beuc/front-desk) + NOTE: 20240815: Upgrade to 4.3.8 (same approach as DSA-5748-1) (Beuc/front-desk) -- frr (Tobias Frost) NOTE: 20231107: Added by oldstable Security Team (jmm) @@ -113,8 +117,16 @@ glance (Thomas Goirand) -- glewlwyd NOTE: 20240815: Added by Front-Desk (Beuc) - NOTE: 20240815: Follow fixes from bookworm 12.6 (2 CVEs) - NOTE: 20240815: Consider fixing postponed CVEs (Beuc/front-desk) + NOTE: 20240815: A couple minor issues could be sync'd from bookworm, and a few postponed, but this can wait. + NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007884 + NOTE: 20240815: drop this entry after bullseye 11.11 is out on 2024-08-31 (Beuc/front-desk) +-- +glibc + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: A couple minor issues could be sync'd from bookworm but this can wait. + NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076832 + NOTE: 20240815: pu syncs with 2.31 upstream branch + NOTE: 20240815: drop this entry after bullseye 11.11 is out on 2024-08-31 (Beuc/front-desk) -- gnutls28 NOTE: 20240815: Added by Front-Desk (Beuc) @@ -190,6 +202,15 @@ php-horde-turba (Mike Gabriel) NOTE: 20240815: considered for EOL, sunweaver to work on an update NOTE: 20240815: https://lists.debian.org/debian-lts/2024/08/msg00023.html (Beuc/front-desk) -- +proftpd-dfsg + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: Follow fixes from bookworm 12.5 (2 CVEs) (Beuc/front-desk) +-- +pymongo (Bastien Roucarès) + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073529 (CVE-2024-5629) + NOTE: 20240815: drop this entry after bullseye 11.11 is out on 2024-08-31 (Beuc/front-desk) +-- python-aiohttp NOTE: 20240523: Added by oldstable Security Team (jmm) NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk) @@ -198,6 +219,10 @@ python-asyncssh NOTE: 20240105: Added by oldstable Security Team (jmm) NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk) -- +python-git + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: Follow fixes from buster DLA-3589-1, buster DLA-3502-1 and bookworm 12.2 (3 CVEs) (Beuc/front-desk) +-- python-html-sanitizer NOTE: 20240815: Added by Front-Desk (Beuc) -- @@ -212,6 +237,10 @@ qemu NOTE: 20240815: Follow fixes from bookworm 12.6 (CVE-2024-3446,CVE-2024-3447) NOTE: 20240815: CVE-2024-4467 fix also proposed for 12.7 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076504) -- +redis + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: Follow fixes from buster DLA-3361-1, DLA-3396-1 and bookworm DLA-3361-1 (3 CVEs) (Beuc/front-desk) +-- ring NOTE: 20230301: Added by oldstable Security Team (jmm) NOTE: 20230301: might make sense to rebase to current version (jmm) @@ -248,6 +277,9 @@ setuptools NOTE: 20240730: Added by oldstable Security Team (jmm) NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk) -- +smarty3 + NOTE: 20240814: Added by oldstable Security Team (jmm) +-- squid NOTE: 20240308: Added by oldstable Security Team (apo) NOTE: 20240308: Readd squid to dsa-needed.txt @@ -259,6 +291,10 @@ systemd NOTE: 20240815: Added by Front-Desk (Beuc) NOTE: 20240815: Follow fixes from bookworm 12.5 and 12.6 (3 CVEs) (Beuc/front-desk) -- +texlive-bin + NOTE: 20240815: Added by Front-Desk (Beuc) + NOTE: 20240815: Follow fixes from bookworm 12.1 (CVE-2023-32668) (Beuc/front-desk) +-- tinyproxy NOTE: 20240609: Added by oldstable Security Team (jmm) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/00159079d4fd3770173c84fb71a003e51a843e36...810df5ea805be3242383a27466c9ae41c06fbf63 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/00159079d4fd3770173c84fb71a003e51a843e36...810df5ea805be3242383a27466c9ae41c06fbf63 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits