Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: d9a4b6ef by Anton Gladky at 2023-03-23T06:35:18+01:00 LTS: add cairosvg to dla-needed.txt - - - - - 4eb3147e by Anton Gladky at 2023-03-23T06:39:48+01:00 Mark CVE-2023-1289 as postponed for buster - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -2536,6 +2536,7 @@ CVE-2023-1289 RESERVED - imagemagick <unfixed> (bug #1033254) [bullseye] - imagemagick <no-dsa> (Minor issue) + [buster] - imagemagick <postponed> (Should be fixed together with some other CVEs) NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr NOTE: https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4 CVE-2023-1288 (An XML External Entity injection (XXE) vulnerability in ENOVIA Live Co ...) ===================================== data/dla-needed.txt ===================================== @@ -23,6 +23,9 @@ apache2 NOTE: 20230312: VCS: https://salsa.debian.org/lts-team/packages/apache2.git NOTE: 20230312: Special attention: Double check an update! Package is used by many customers and users!. -- +cairosvg + NOTE: 20230323: Programming language: Python. +-- ceph NOTE: 20221031: Programming language: C++. NOTE: 20221031: To be checked further. Not clear whether the vulnerability can be exploited in a Debian system. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed43841f38719e4bc2339a4b3daf89f5bf9b47a7...4eb3147efe322b3bd57a98dc2736db546cda8fe7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed43841f38719e4bc2339a4b3daf89f5bf9b47a7...4eb3147efe322b3bd57a98dc2736db546cda8fe7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits