Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
210740c6 by Adrian Bunk at 2021-09-30T23:04:09+03:00
Reserve DLA-2771-1 for krb5
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -182665,7 +182665,6 @@ CVE-2018-20218 (An issue was discovered on Teracue
ENC-400 devices with firmware
CVE-2018-20217 (A Reachable Assertion issue was discovered in the KDC in MIT
Kerberos ...)
{DLA-1643-1}
- krb5 1.16.2-1 (low; bug #917387)
- [stretch] - krb5 <no-dsa> (Minor issue)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
NOTE:
https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
CVE-2018-20216 (QEMU can have an infinite loop in
hw/rdma/vmw/pvrdma_dev_ring.c becaus ...)
@@ -230068,13 +230067,11 @@ CVE-2018-5731 (An issue was discovered in Heimdal
PRO 2.2.190. As part of the sc
CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with
permission t ...)
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
- [stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with
permission t ...)
{DLA-1643-1}
- krb5 1.16.1-1 (bug #891869)
- [stretch] - krb5 <no-dsa> (Minor issue)
[wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers
to obta ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Sep 2021] DLA-2771-1 krb5 - security update
+ {CVE-2018-5729 CVE-2018-5730 CVE-2018-20217 CVE-2021-37750}
+ [stretch] - krb5 1.15-1+deb9u3
[30 Sep 2021] DLA-2770-1 weechat - security update
{CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516}
[stretch] - weechat 1.6-1+deb9u3
=====================================
data/dla-needed.txt
=====================================
@@ -51,9 +51,6 @@ firmware-nonfree
--
jsoup (Markus Koschany)
--
-krb5 (Adrian Bunk)
- NOTE: 20210905: testing fixes
---
linux (Ben Hutchings)
--
linux-4.19 (Ben Hutchings)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/210740c63e59d4ad1c2e1352139677b9b5f568f1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/210740c63e59d4ad1c2e1352139677b9b5f568f1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
