Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 01c88224 by Ola Lundqvist at 2023-06-15T22:23:45+02:00 Added python-mechanize to dla-needed. - - - - - 1b93beb5 by Ola Lundqvist at 2023-06-15T22:23:46+02:00 Marked rust-h2 CVE-2023-26964 as no-dsa (minor issue) for buster. - - - - - a3aae462 by Ola Lundqvist at 2023-06-15T22:23:48+02:00 Marked jackson-databind CVE-2023-35116 as no-dsa (minor issue) for buster. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -89,6 +89,7 @@ CVE-2023-3036 (An unchecked read in NTP server in github.com/cloudflare/cfnts pr TODO: check CVE-2023-35116 (An issue was discovered jackson-databind thru 2.15.2 allows attackers ...) - jackson-databind <unfixed> + [buster] - jackson-databind <no-dsa> (Minor issue) NOTE: https://github.com/FasterXML/jackson-databind/issues/3972 CVE-2023-35110 (An issue was discovered jjson thru 0.1.7 allows attackers to cause a d ...) TODO: check @@ -17401,6 +17402,7 @@ CVE-2023-26965 (loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a h TODO: check CVE-2023-26964 (An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occ ...) - rust-h2 0.3.13-2 (bug #1034723) + [buster] - rust-h2 <no-dsa> (Minor issue) NOTE: https://github.com/hyperium/hyper/issues/2877 NOTE: https://github.com/hyperium/h2/commit/5bc8e72e5fcbd8ae2d3d9bc78a1c0ef0040bcc39 (v0.3.17) NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0034.html ===================================== data/dla-needed.txt ===================================== @@ -141,6 +141,9 @@ python-glance-store NOTE: 20230525: Added by Front-Desk (lamby) NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. -- +python-mechanize + NOTE: 20230614: Added by Front-Desk (opal) +-- python-os-brick NOTE: 20230525: Added by Front-Desk (lamby) NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f95f32127b4f4527bfec3a21ad4c836171d5aa0f...a3aae462df9892ff4ebd50712952c8d8e7c04e66 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f95f32127b4f4527bfec3a21ad4c836171d5aa0f...a3aae462df9892ff4ebd50712952c8d8e7c04e66 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits