[Git][security-tracker-team/security-tracker][master] Reserve DLA-3206-1 for heimdal

Sat, 26 Nov 2022 11:28:01 -0800 


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e7ca4158 by Guilhem Moulin at 2022-11-26T20:27:26+01:00
Reserve DLA-3206-1 for heimdal

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -97583,7 +97583,6 @@ CVE-2021-37715 (A remote cross-site scripting (XSS) 
vulnerability was discovered
 CVE-2021-3671 (A null pointer de-reference was found in the way samba kerberos 
server ...)
        {DSA-5287-1}
        - heimdal 7.7.0+dfsg-3 (bug #996586)
-       [buster] - heimdal <no-dsa> (Minor issue)
        [stretch] - heimdal <no-dsa> (Minor issue)
        - samba 2:4.13.13+dfsg-1
        [bullseye] - samba 2:4.13.13+dfsg-1~deb11u1
@@ -237677,7 +237676,6 @@ CVE-2019-14870 (All Samba versions 4.x.x before 
4.9.17, 4.10.x before 4.10.11 an
        [buster] - samba <no-dsa> (Minor issue)
        [jessie] - samba <no-dsa> (Minor issue)
        - heimdal 7.7.0+dfsg-1 (bug #946786)
-       [buster] - heimdal <no-dsa> (Minor issue)
        [stretch] - heimdal <no-dsa> (Minor issue)
        [jessie] - heimdal <no-dsa> (Minor issue)
        NOTE: https://www.samba.org/samba/security/CVE-2019-14870.html


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Nov 2022] DLA-3206-1 heimdal - security update
+       {CVE-2019-14870 CVE-2021-3671 CVE-2021-44758 CVE-2022-3437 
CVE-2022-41916 CVE-2022-42898 CVE-2022-44640}
+       [buster] - heimdal 7.5.0+dfsg-3+deb10u1
 [25 Nov 2022] DLA-3205-1 inetutils - security update
        {CVE-2019-0053 CVE-2021-40491 CVE-2022-39028}
        [buster] - inetutils 2:1.9.4-7+deb10u2


=====================================
data/dla-needed.txt
=====================================
@@ -79,9 +79,6 @@ golang-websocket
   NOTE: 20220915: 1 CVE fixed in stretch and bullseye 
(golang-github-gorilla-websocket) (Beuc/front-desk)
   NOTE: 20220915: Special attention: limited support; requires rebuilding 
reverse dependencies
 --
-heimdal (guilhem)
-  NOTE: 20221117: Programming language: C.
---
 hsqldb
   NOTE: 20221031: Programming language: Java.
   NOTE: 20221031: To be investigated further. A possible outcome is to ignore 
it.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ca41589e54430fdd3eaa2cacce2d52b25d0311

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ca41589e54430fdd3eaa2cacce2d52b25d0311
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to