[Git][security-tracker-team/security-tracker][master] 3 commits: Add abcm2ps to dla-needed.txt

Sat, 19 Mar 2022 09:26:35 -0700 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
205885fd by Markus Koschany at 2022-03-19T17:01:07+01:00
Add abcm2ps to dla-needed.txt

- - - - -
3930791d by Markus Koschany at 2022-03-19T17:13:20+01:00
CVE-2022-24599,audiofile: Stretch/no-dsa

Minor issue. Can be fixed later.

- - - - -
a62e04a2 by Markus Koschany at 2022-03-19T17:24:20+01:00
CVE-2022-22909,hoteldruid: Stretch/no-dsa

Minor issue. Requires the privilege to add a new room and can thus be
mitigated.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -7290,6 +7290,7 @@ CVE-2022-24599 (In autofile Audio File Library 0.3.6, 
there exists one memory le
        - audiofile <unfixed>
        [bullseye] - audiofile <no-dsa> (Minor issue)
        [buster] - audiofile <no-dsa> (Minor issue)
+       [stretch] - audiofile <no-dsa> (Minor issue)
        NOTE: https://github.com/mpruett/audiofile/issues/60
 CVE-2022-24598
        RESERVED
@@ -13137,6 +13138,7 @@ CVE-2022-22909 (HotelDruid v3.0.3 was discovered to 
contain a remote code execut
        - hoteldruid <unfixed> (bug #1006750)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
+       [stretch] - hoteldruid <no-dsa> (Minor issue)
        NOTE: https://github.com/0z09e/CVE-2022-22909
 CVE-2022-22908 (SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows 
attackers, ...)
        NOT-FOR-US: Sangfor VDI Client


=====================================
data/dla-needed.txt
=====================================
@@ -12,6 +12,8 @@ 
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 To make it easier to see the entire history of an update, please append notes
 rather than remove/replace existing ones.
 
+--
+abcm2ps
 --
 ansible
   NOTE: 20210411: As discussed with the maintainer I will update Buster first 
and



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/95caeff17a0a8179d66c3abc338adee7108e5873...a62e04a225d9ade905c49cb02dbff1b5609e3406

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/95caeff17a0a8179d66c3abc338adee7108e5873...a62e04a225d9ade905c49cb02dbff1b5609e3406
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to