[Git][security-tracker-team/security-tracker][master] Track pending logrotate update via upcoming point release

Fri, 01 Jul 2022 07:10:23 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2d06fde9 by Salvatore Bonaccorso at 2022-07-01T16:07:51+02:00
Track pending logrotate update via upcoming point release

- - - - -


3 changed files:

- data/CVE/list
- data/dsa-needed.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -15352,6 +15352,7 @@ CVE-2022-1349 (The WPQA Builder Plugin WordPress plugin 
before 5.2, used as a co
        NOT-FOR-US: WordPress plugin
 CVE-2022-1348 (A vulnerability was found in logrotate in how the state file is 
create ...)
        - logrotate 3.20.1-1 (bug #1011644)
+       [bullseye] - logrotate <no-dsa> (Minor issue; pending via next point 
release)
        [buster] - logrotate <not-affected> (Vulnerable code introduced later)
        [stretch] - logrotate <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.openwall.com/lists/oss-security/2022/05/25/3


=====================================
data/dsa-needed.txt
=====================================
@@ -34,8 +34,6 @@ linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v4.19.y versions.
 --
-logrotate
---
 ndpi/oldstable
 --
 netatalk


=====================================
data/next-point-update.txt
=====================================
@@ -164,3 +164,5 @@ CVE-2022-32296
        [bullseye] - linux 5.10.127-1
 CVE-2022-32981
        [bullseye] - linux 5.10.127-1
+CVE-2022-1348
+       [bullseye] - logrotate 3.18.0-2+deb11u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d06fde9e733891e4f9da83df7efc79dcf224e3c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d06fde9e733891e4f9da83df7efc79dcf224e3c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to