[Git][security-tracker-team/security-tracker][master] 3 commits: update note

Thorsten Alteholz (@alteholz) Sun, 16 Jan 2022 15:34:58 -0800


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5969a87d by Thorsten Alteholz at 2022-01-16T23:30:46+01:00
update note

- - - - -
8cf7c60f by Thorsten Alteholz at 2022-01-16T23:50:13+01:00
slurm-llnl is probably still affected by CVE-2021-31215

- - - - -
99c5b013 by Thorsten Alteholz at 2022-01-17T00:34:34+01:00
Reserve DLA-2882-1 for sphinxsearch

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -44780,7 +44780,6 @@ CVE-2021-31215 (SchedMD Slurm before 20.02.7 and 
20.03.x through 20.11.x before
        - slurm-wlm 20.11.7+really20.11.4-2 (bug #988439)
        - slurm-llnl <removed>
        [buster] - slurm-llnl <no-dsa> (Minor issue)
-       [stretch] - slurm-llnl <not-affected> (env is already SPANKed)
        NOTE: 
https://github.com/SchedMD/slurm/commit/a9e9e2fedbd200ca545ab67dd753bd52c919f236
 (2.11.7)
        NOTE: Initially already fixed in 20.11.7-1 (the tracker would do the 
right thing)
        NOTE: but the unstable upload invalidated the changelog 20.11.7-1 so 
use 20.11.7+really20.11.4-2


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[17 Jan 2022] DLA-2882-1 sphinxsearch - security update
+       {CVE-2020-29050}
+       [stretch] - sphinxsearch 2.2.11-1.1+deb9u1
 [16 Jan 2022] DLA-2881-1 thunderbird - security update
        {CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 
CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 
CVE-2022-22747 CVE-2022-22748 CVE-2022-22751}
        [stretch] - thunderbird 1:91.5.0-1~deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -64,6 +64,7 @@ guacamole-client
 --
 libarchive (Thorsten Alteholz)
   NOTE: 20220102: testing package
+  NOTE: 20220116: waiting for upload in higher releases
 --
 libgit2 (Utkarsh)
   NOTE: 20211029: CVE-2018-10887/CVE-2018-10888/CVE-2018-15501 were fixed
@@ -128,9 +129,6 @@ slurm-llnl (Sylvain Beucler)
   NOTE: 20220107: backporting patches (Beuc)
   NOTE: 20220114: wait for Thorsten's precisions wrt. CVE-2021-31215 triage
 --
-sphinxsearch (Thorsten Alteholz)
-  NOTE: 20220103: waiting for Buster upload
---
 uriparser (Chris Lamb)
 --
 vim (Emilio)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53745e7ce7986c08f267b01bff58ab8108312c0c...99c5b0136386769afc6165609f1bc61dd956e465

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53745e7ce7986c08f267b01bff58ab8108312c0c...99c5b0136386769afc6165609f1bc61dd956e465
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 3 commits: update note

Reply via email to