[Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2021-3514 for 389-ds-base as no-dsa in buster with motivation minor...

Tue, 06 Sep 2022 14:32:21 -0700 


Ola Lundqvist pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
de10c4e2 by Ola Lundqvist at 2022-09-06T23:27:02+02:00
Marked CVE-2021-3514 for 389-ds-base as no-dsa in buster with motivation minor 
issue. This follows the decision made earlier for stretch. For bullseye it was 
fixed but since the issue was considered minor for strech there is no reason 
why a backport should be made in buster.

- - - - -
027eab42 by Ola Lundqvist at 2022-09-06T23:31:55+02:00
Added libxslt to dla-needed following decision for bullseye.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -93242,6 +93242,7 @@ CVE-2021-3515 (A shell injection flaw was found in 
pglogical in versions before
        NOTE: 
https://github.com/2ndQuadrant/pglogical/commit/95c0e8981485e09efab6821cf55a4e27b086efe5
 CVE-2021-3514 (When using a sync_repl client in 389-ds-base, an authenticated 
attacke ...)
        - 389-ds-base 1.4.4.11-2 (bug #988727)
+       [buster] - 389-ds-base <no-dsa> (Minor issue)
        [stretch] - 389-ds-base <no-dsa> (Minor issue)
        NOTE: https://github.com/389ds/389-ds-base/issues/4711
 CVE-2021-31829 (kernel/bpf/verifier.c in the Linux kernel through 5.12.1 
performs unde ...)


=====================================
data/dla-needed.txt
=====================================
@@ -67,6 +67,9 @@ libgoogle-gson-java (Markus Koschany)
 libraw
   NOTE: 20220904: Programming language: C++.
 --
+libxslt
+  NOTE: 20220905: Programming language: C
+--
 linux (Ben Hutchings)
 --
 mbedtls



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/178635f8f50de2fe4eeb0c5c3aefe63e34c52a84...027eab42daeb5a6960d7fa6cf9cdbc55c0735276

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/178635f8f50de2fe4eeb0c5c3aefe63e34c52a84...027eab42daeb5a6960d7fa6cf9cdbc55c0735276
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to