[Git][security-tracker-team/security-tracker][master] 3 commits: Added python-mechanize to dla-needed.

Thu, 15 Jun 2023 13:24:16 -0700 


Ola Lundqvist pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
01c88224 by Ola Lundqvist at 2023-06-15T22:23:45+02:00
Added python-mechanize to dla-needed.

- - - - -
1b93beb5 by Ola Lundqvist at 2023-06-15T22:23:46+02:00
Marked rust-h2 CVE-2023-26964 as no-dsa (minor issue) for buster.

- - - - -
a3aae462 by Ola Lundqvist at 2023-06-15T22:23:48+02:00
Marked jackson-databind CVE-2023-35116 as no-dsa (minor issue) for buster.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,6 +89,7 @@ CVE-2023-3036 (An unchecked read in NTP server in 
github.com/cloudflare/cfnts pr
        TODO: check
 CVE-2023-35116 (An issue was discovered jackson-databind thru 2.15.2 allows 
attackers  ...)
        - jackson-databind <unfixed>
+       [buster] - jackson-databind <no-dsa> (Minor issue)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/3972
 CVE-2023-35110 (An issue was discovered jjson thru 0.1.7 allows attackers to 
cause a d ...)
        TODO: check
@@ -17401,6 +17402,7 @@ CVE-2023-26965 (loadImage() in tools/tiffcrop.c in 
LibTIFF through 4.5.0 has a h
        TODO: check
 CVE-2023-26964 (An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream 
stacking occ ...)
        - rust-h2 0.3.13-2 (bug #1034723)
+       [buster] - rust-h2 <no-dsa> (Minor issue)
        NOTE: https://github.com/hyperium/hyper/issues/2877
        NOTE: 
https://github.com/hyperium/h2/commit/5bc8e72e5fcbd8ae2d3d9bc78a1c0ef0040bcc39 
(v0.3.17)
        NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0034.html


=====================================
data/dla-needed.txt
=====================================
@@ -141,6 +141,9 @@ python-glance-store
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, 
python-os-brick, nova and cinder.
 --
+python-mechanize
+  NOTE: 20230614: Added by Front-Desk (opal)
+--
 python-os-brick
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, 
python-os-brick, nova and cinder.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f95f32127b4f4527bfec3a21ad4c836171d5aa0f...a3aae462df9892ff4ebd50712952c8d8e7c04e66

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f95f32127b4f4527bfec3a21ad4c836171d5aa0f...a3aae462df9892ff4ebd50712952c8d8e7c04e66
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to