Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: a9487a26 by Sylvain Beucler at 2022-12-03T17:12:19+01:00 dla: ceph: reference zigo's e-mail - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -23,7 +23,10 @@ android-platform-system-core ceph NOTE: 20221031: Programming language: C++. NOTE: 20221031: To be checked further. Not clear whether the vulnerability can be exploited in a Debian system. - NOTE: 20221031: What should be checked is whether any user with ceph permission can do the actions described in the exploit. + NOTE: 20221031: What should be checked is whether any user with ceph permission can do the actions described in the exploit. (ola/front-desk) + NOTE: 20221130: CVE-2022-3650: The patch is kind of trivial Python stuff backporting work. + NOTE: 20221130: Can someone take care of it in Buster? I'm currently building the Bullseye backport of the fix... + NOTE: 20221130: https://lists.debian.org/debian-lts/2022/11/msg00025.html (zigo/maintainer) -- consul NOTE: 20221031: Programming language: Go. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9487a265227c3d4181511570bdf61889ce4c8e2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9487a265227c3d4181511570bdf61889ce4c8e2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
