Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d56205b6 by Moritz Mühlenhoff at 2022-05-17T20:58:25+02:00
waitress, openssl DSAs
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -187039,7 +187039,8 @@ CVE-2019-16793
CVE-2019-16792 (Waitress through version 1.3.1 allows request smuggling by
sending the ...)
{DLA-3000-1}
- waitress 1.4.1-1
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE:
https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6
NOTE:
https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65
@@ -187051,7 +187052,8 @@ CVE-2019-16790 (In Tiny File Manager before 2.3.9,
there is a remote code execut
CVE-2019-16789 (In Waitress through version 1.4.0, if a proxy server is used
in front ...)
{DLA-3000-1 DLA-2056-1}
- waitress 1.4.1-1 (bug #947433)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
NOTE:
https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4
NOTE:
https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017
CVE-2019-16788
@@ -187059,14 +187061,16 @@ CVE-2019-16788
CVE-2019-16786 (Waitress through version 1.3.1 would parse the
Transfer-Encoding heade ...)
{DLA-3000-1}
- waitress 1.4.1-1 (bug #947306)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE:
https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
NOTE:
https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the
RFC7230 ...)
{DLA-3000-1}
- waitress 1.4.1-1 (bug #947306)
- [buster] - waitress <no-dsa> (Minor issue)
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [stretch] - waitress <no-dsa> (Minor issue)
[jessie] - waitress <no-dsa> (Minor issue)
NOTE:
https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
NOTE:
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,11 @@
+[17 May 2022] DSA-5139-1 openssl - security update
+ {CVE-2022-1292}
+ [buster] - openssl 1.1.1n-0+deb10u2
+ [bullseye] - openssl 1.1.1n-0+deb11u2
+[17 May 2022] DSA-5138-1 waitress - security update
+ {CVE-2022-24761}
+ [buster] - waitress 1.2.0~b2-2+deb10u1
+ [bullseye] - waitress 1.4.4-1.1+deb11u1
[17 May 2022] DSA-5137-1 needrestart - security update
{CVE-2022-30688}
[buster] - needrestart 3.4-5+deb10u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56205b69af24bb4598b926d4444ee50d9121085
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56205b69af24bb4598b926d4444ee50d9121085
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
